Cyber Incident Victim: Mt. Graham Regional Medical Center
Date: Sep 2023
Location: United States of America
Summary
Mt. Graham Regional Medical Center experienced a ransomware attack that disrupted communication and information systems, prompting an investigation involving law enforcement and external experts to assess potential patient data compromise. The hospital activated downtime procedures to maintain patient care with minimal operational impact, successfully restoring internal system access and online patient portals while ensuring payroll and accounts payable continuity. Initial findings confirmed the medical records system remained uncompromised, though a comprehensive review of other systems for potential data exposure is ongoing, with commitments to notify affected individuals if breaches are identified. Staff efforts and redundancy measures facilitated recovery while sustaining critical healthcare services for the community.
Description
On September 27, 2023, Mt. Graham Regional Medical Center (MGRMC) in Safford, Arizona, experienced a cybersecurity incident disrupting its communication and information systems. The 25-bed critical access hospital—serving approximately 50,000 residents across Graham and Greenlee Counties—publicly disclosed the event on September 28, initiating an investigation with law enforcement and external cybersecurity experts. Immediate measures included implementing downtime procedures to maintain clinical operations, relying on established redundancies to minimize patient care disruptions. The hospital advised current and former patients to monitor financial accounts and personal data, offering a dedicated community relations phone line for inquiries. By October 2, MGRMC reported progress in restoring system access for staff and recovering patient information, emphasizing that the outage caused limited operational impact due to contingency planning.

Subsequent updates revealed the incident as a ransomware attack, with internal systems and online patient portals fully restored by October 13. MGRMC activated its Incident Command and recovery teams, maintaining payroll and accounts payable throughout the disruption. An external forensic firm determined the electronic medical records system remained uncompromised, though broader system reviews continued to assess potential data exposure. The hospital reiterated its commitment to direct patient notification if breaches were confirmed. Recovery efforts involved extensive staff overtime, with MGRMC crediting its community-owned operational resilience for minimizing service interruptions across emergency, inpatient, and outpatient departments during the three-week restoration period. No patient data compromise had been verified as of the final public update.
