Cyber Incident Victim: New Hanover Regional Medical Center

On November 15, 2021, Novant Health confirmed that the Twitter account for its New Hanover Regional Medical Center facility in Wilmington, North Carolina, was compromised by unauthorized actors. The attackers renamed the account’s handle to ‘@cjjohnso17th’ and altered the display name to “Wealth Squad Chris,” effectively erasing visible associations with the hospital. This hijacking disrupted the hospital’s official communication channel, forcing administrators to suspend the account entirely. Twitter subsequently enforced a full suspension of the compromised profile, as evidenced by the platform’s landing page for the handle. The hospital acknowledged the incident to local media outlet WWAY on the same day and initiated efforts to regain control of the account. No further details regarding the attacker’s motives, the duration of unauthorized access prior to detection, or specific malicious content posted during the breach were disclosed publicly. The incident underscored vulnerabilities in social media account management for critical healthcare infrastructure.

In a separate but contemporaneous cybersecurity event, New Hanover Regional Medical Center disclosed a data breach impacting approximately 1.3 million patients. Unauthorized actors gained access to employee email accounts between March 1 and June 17, 2021, through a phishing campaign. The breach was discovered during a forensic investigation launched on September 27, 2021, revealing potential exposure of patient names, contact details, dates of birth, medical record numbers, and limited clinical information. No evidence suggested misuse of the data, but the hospital began notifying affected individuals by December 2021 and offered complimentary credit monitoring services. This incident highlighted risks associated with email-based threats in healthcare environments, though no operational disruptions to medical services were reported in connection with either event.