Cyber Incident Victim: Family Health Centers Of Georgia, Inc.
Date: Oct 2020
Location: United States of America
Summary
Family Health Centers Of Georgia, Inc. experienced a ransomware attack by the Conti group, resulting in unauthorized access and exfiltration of data including personnel files and system logs. The incident exposed protected health information (PHI) due to the organization's status as a HIPAA-covered entity. Conti publicly listed the victim on its dedicated leak site and posted stolen files as proof of compromise. At the time of reporting, no public notifications had been issued by the organization, and no breach entry appeared on HHS's public disclosure tool, leaving patient awareness and regulatory compliance status unclear. The attackers also uploaded a ransom note to the victim's server, confirming the extortion attempt.
Description
On October 19, 2020, ransomware threat actors operating under the name "Conti" listed Family Health Centers Of Georgia, Inc. (FHCGA) on their dedicated data leak site. Conti, following a ransomware attack model involving data exfiltration and public shaming, uploaded stolen files from FHCGA as proof of compromise. The attackers posted older personnel files related to an administrator, historical log files, and a copy of a file named "_r3adm3.txt" that they had uploaded to FHCGA's server. As a HIPAA-covered entity providing healthcare services, FHCGA's systems contained protected health information (PHI), though the specific scope of accessed or exfiltrated patient data was not detailed in Conti's initial leak. The threat actors typically escalated data dumps over time to pressure victims into paying ransom demands, though no subsequent FHCGA data releases were documented in the available report.

As of November 8, 2020, FHCGA had not publicly acknowledged the incident through its website, press releases, or regulatory filings. No breach notification appeared on the U.S. Department of Health and Human Services (HHS) public breach reporting tool; HIPAA requires incidents affecting 500 or more individuals to be reported within 60 days of discovery. DataBreaches.net attempted to contact FHCGA regarding the Conti listing but received no response. The absence of public disclosure left unclear whether patient data was definitively accessed, whether notifications were privately issued, or whether regulatory reporting obligations were met. The leaked personnel and log files indicated potential operational and administrative system compromise, but the full impact on patient records remained unconfirmed in the examined source material. Conti’s actions aligned with their broader pattern of targeting healthcare entities and exploiting stolen data to coerce payments, though FHCGA’s specific response timeline and remediation efforts were not disclosed.
