Cyber Incident Victim: Capital Region Medical Center
Date:
Dec 2021
Location:
United States of America
Summary
Capital Region Medical Center experienced a cyberattack that compromised patient data and disrupted systems, though partial restoration of services—including its website, patient portal, and online bill pay—was achieved afterward. An investigation confirmed unauthorized access to personal health information by a third party, prompting the organization to review affected files to identify impacted individuals and assess the full scope of the breach.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The cyberattack impacting Capital Region Medical Center in Missouri occurred on or around December 17, 2021, disrupting hospital operations and necessitating the temporary shutdown of critical digital services. Initial system outages affected the hospital’s public-facing website, patient portal, and online bill payment platform, limiting patient access to medical records and financial services. By January 5, 2022, the hospital restored partial functionality to these systems, confirming through an official website update that core patient-facing platforms were operational again. During the incident response investigation, forensic analysis revealed unauthorized third-party access to personal health information stored within hospital systems. The attackers exfiltrated sensitive patient data, though the hospital did not immediately disclose the specific data types compromised or the number of affected individuals. Hospital administrators initiated a comprehensive file review to identify impacted patients and determine the full scope of the breach, a process ongoing as of the January 5 update. No ransomware claims or explicit attacker motives were publicly disclosed by the hospital or corroborated in available reports.
The confirmed compromise of protected health information constituted the primary documented consequence, though the hospital did not specify whether clinical operations, appointment scheduling, or emergency services experienced disruptions during the outage. Restoration of the patient portal and billing systems indicated partial recovery of administrative functions within three weeks of the initial attack. Capital Region Medical Center did not release technical details regarding attack vectors, malware variants, or containment measures employed during the incident. No law enforcement agency attributions or data leak site publications were referenced in available reporting. The hospital’s public communications emphasized ongoing internal reviews to ascertain breach dimensions and affected populations, with no supplementary information provided regarding patient notification timelines, regulatory filings, or identity protection offerings as of the latest January 7, 2022, reporting date. System restoration efforts prioritized reinstating patient access to digital services while forensic investigations continued to assess data exposure.