
Cyber Incident Victim: Buddhist Tzu Chi Medical Foundation

Date: Jul 2021

Location: United States of America

Summary

Buddhist Tzu Chi Medical Foundation experienced a cyberattack that rendered parts of its network inaccessible, prompting immediate isolation of the affected server and activation of emergency protocols, including manual record-keeping. Forensic analysis confirmed unauthorized access to patient data—including names, birth dates, diagnoses, and dental x-rays—but could not verify whether information was viewed or exfiltrated. The organization assessed a low risk of misuse due to the nature of exposed data but advised affected individuals to monitor health benefit statements for suspicious activity.


Description

On July 15, 2021, Buddhist Tzu Chi Medical Foundation in West Sacramento, California, detected a cyberattack that rendered portions of its network inaccessible. The organization immediately took the affected server offline and activated emergency protocols, including transitioning staff to manual pen-and-paper documentation for patient records. A forensic investigation was initiated to assess the breach's nature and scope, confirming unauthorized access to network segments containing patient data. While investigators established that attackers could have accessed protected health information, they could not determine whether any data was actually viewed or exfiltrated during the intrusion. The compromised files contained patient names, dates of birth, diagnosis details, and dental x-rays specifically for dental patients. No additional categories of patient information were stored on the impacted server and associated computers, limiting the exposure scope to these data elements.

The foundation determined the breach affected 18,968 individuals who received medical services through the organization. Due to the types of exposed information—primarily diagnostic and dental imaging data—the organization assessed there was minimal risk of the data being misused for financial fraud or identity theft. As a precautionary measure, all affected patients received notifications advising vigilance in monitoring their health benefit statements and medical records for unusual activity. No evidence emerged suggesting attempted or actual misuse of the compromised data following the attack. The foundation did not disclose whether ransomware was deployed, whether a ransom demand was made, or whether any payment was made to the attackers, focusing instead on containment through server isolation and operational continuity measures during the network disruption.
