Cyber Incident Victim: Brooklyn Hospital Center
Date: Nov 2019
Location: United States of America
Summary
Brooklyn Hospital Center experienced a ransomware attack compromising several computer systems, resulting in permanent loss of some patient data including names and specific dental or cardiac images. Despite exhaustive recovery efforts, the encrypted information remained unrecoverable, though not all patients were affected and no evidence indicated data exfiltration or misuse. The institution did not pay a ransom, and the attack highlighted potential gaps in backup systems critical for mitigating such incidents.
Description
The ransomware attack on Brooklyn Hospital Center occurred in late July 2019, though the institution did not publicly disclose the incident until early November following an internal investigation described as exhaustive. During the intrusion, multiple computer systems were compromised by malware that encrypted patient data, rendering portions permanently inaccessible despite extensive recovery efforts. On September 4, 2019, the hospital confirmed through its investigation that certain patient records—including names and specific medical imaging files related to dental and cardiac care—could not be restored. While not all patients were affected, the hospital did not provide estimates regarding the scale of impacted individuals. No evidence emerged that attackers exfiltrated or misused the encrypted data, consistent with typical ransomware operations focused on encryption-for-ransom rather than data theft.

Brooklyn Hospital Center initiated remediation efforts immediately after detecting the attack but ultimately failed to recover the lost data, indicating no ransom payment was made to the threat actors. The hospital's notification to patients emphasized that despite diligent attempts to restore systems, the encrypted information remained irrecoverable, suggesting potential deficiencies in backup systems or disaster recovery protocols. The attackers' identity, ransomware variant, and demanded ransom amount were not disclosed. Primary operational consequences included permanent loss of clinical records and diagnostic images, though treatment operations continued without explicit disruption reports. The delayed public disclosure—nearly four months post-incident—reflected the hospital's prioritization of internal investigation and containment measures before notifying affected parties.
