Cyber Incident Victim: North Florida Obstetrics & Gynecology
Date: Apr 2019
Location: United States of America
Summary
A Florida-based healthcare provider experienced a cyber incident impacting over 528,000 patients after unauthorized access to portions of its networked computer systems persisted for nearly two months. The breach, discovered months after it began, compromised sensitive health information through improper access to certain segments of the organization's infrastructure. The affected entity, part of a larger women's care network, initiated patient notifications following a preliminary assessment confirming the security lapse.
Description
The North Florida OB-GYN cyber incident, impacting 528,188 patients, was first detected by the Jacksonville-based healthcare provider on July 27, 2019. An investigation revealed that unauthorized access to portions of the organization's networked computer systems had occurred over a prolonged period, beginning on or before April 29, 2019 – nearly two months prior to discovery. Women’s Care Florida, the parent organization of North Florida OB-GYN, conducted a preliminary assessment confirming that improper access affected certain segments of their IT infrastructure during this timeframe. While the specific intrusion methods weren't disclosed, the breach compromised protected health information stored within the accessed systems. The delay between initial compromise and detection indicated the incident persisted undetected for approximately 60 days before security personnel identified anomalous activity prompting investigation.

Patient notification processes commenced following the determination that sensitive health data was potentially exposed. The scale of the breach – affecting over half a million individuals – positioned it among significant healthcare data security events of 2019. No specifics regarding data misuse or subsequent fraudulent activity were confirmed in available reports. The organization did not publicly disclose technical details about the attack vector, containment procedures, or whether ransomware or data exfiltration occurred. Impacted patients received notifications describing the nature of the systems accessed and the types of personal health information potentially viewable by unauthorized parties, though the notification text wasn't reproduced in full within the source material. The nearly three-month gap between incident discovery (July 27) and public reporting (October 1) reflected the duration required for forensic analysis and regulatory compliance procedures.
