Cyber Incident Victim: Throckmorten County Memorial Hospital
Date: Aug 2021
Location: United States of America
Summary
Throckmorten County Memorial Hospital experienced a cybersecurity incident involving unauthorized network access and malware installation, compromising sensitive data of patients and employees. Patient information exposed included names, addresses, medical diagnoses, treatment details, and visit records, while potentially affected employee data included names, Social Security numbers, and payroll details. The hospital delayed breach notifications to prioritize malware eradication and security improvements, subsequently offering credit monitoring and identity theft protection to impacted individuals.
Description
Throckmorten County Memorial Hospital in Texas experienced a cybersecurity incident involving unauthorized access to its computer network. On September 7, 2021, the hospital detected an intrusion that included both unauthorized system access and the installation of malware. A subsequent forensic investigation determined the initial network breach occurred on August 25, 2021, with threat actors maintaining access until the detection date on September 7. The compromised systems contained personal information of 3,136 individuals, including both patients and employees. Patient data exposed in the breach consisted of first and last names, addresses, dates of birth, gender, dates of service, diagnoses, current procedural terminology codes, medical conditions, medication details, and hospital visit information. Employee records potentially compromised included names, wage histories, Social Security numbers, payroll details, and tax filing information.

In response to the breach, Throckmorten County Memorial Hospital delayed notifications to affected individuals to prioritize malware removal and security enhancements, reasoning that earlier disclosure might have left systems vulnerable to additional attacks. The hospital ultimately provided complimentary credit monitoring memberships and identity theft/fraud insurance coverage to impacted parties. While the forensic investigation confirmed the duration of unauthorized access and the types of information stored on affected systems, no explicit evidence emerged regarding whether data was actually exfiltrated or misused. The hospital implemented security improvements following the incident but did not specify technical details about containment measures beyond malware eradication and delayed notification procedures.
