Cyber Incident Victim: Harris Center for Mental Health and Intellectual and Developmental Disabilities
Date:
Oct 2023
Location:
United States of America
Summary
A mental health provider experienced a suspected ransomware attack that encrypted operational files, limiting access to patient records and causing treatment delays. The organization proactively shut down its network to contain the incident while collaborating with third-party security experts and law enforcement to investigate and restore services. Coordination occurred with county-level homeland security, emergency management, and IT departments. The potential compromise of patient data remains unconfirmed, though the provider acknowledged prior cybersecurity incidents affecting regional mental health patients. Operational continuity measures were implemented to maintain care delivery during the disruption.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 6, 2023, The Harris Center for Mental Health and IDD experienced a suspected ransomware attack that disrupted access to patient files and caused treatment delays. The attack encrypted multiple working files, rendering them inaccessible to employees. In response, The Harris Center proactively shut down its network to contain the incident and prevent further spread of the malware. The organization stated it was taking all possible steps to maintain uninterrupted patient care while working with internal teams and third-party security response specialists to investigate the breach and restore full system functionality. Law enforcement agencies were notified, and The Harris Center collaborated with the Harris County Office of Homeland Security & Emergency Management and the Harris County Information Technology department to manage the incident. As of the reporting date, the provider could not confirm whether patient data had been compromised during the attack and declined to provide additional details, though they committed to informing the community if further impacts emerged. The organization did not respond to media requests for comment regarding the ongoing situation.
This incident occurred approximately eight months after a separate cyberattack that had exposed information for nearly 600,000 Houston-area mental health patients earlier in 2023, with The Harris Center also being targeted in that prior breach. As Texas's largest provider of Coordinated Specialty Care, the disruption affected critical mental health services across Harris County. The encryption of operational files created immediate workflow challenges for staff attempting to access necessary documentation. While the organization maintained patient care continuity through unspecified measures, the network shutdown and file inaccessibility directly contributed to treatment delays. Investigation and recovery efforts remained ongoing with support from cybersecurity professionals and county agencies, though no timeline for full restoration of services was provided. The Harris Center emphasized its serious approach to cybersecurity but offered no technical details about the attack vector or mitigation strategies employed during the response.