Cyber Incident Victim: Fayette Medical Center
Date: Sep 2019
Location: United States of America
Summary
A ransomware attack disrupted operations at three Alabama hospitals, including Fayette Medical Center, forcing the affected facilities to divert ambulances and accept only critical patients while emergency procedures were activated. The malware encrypted systems and backups, demanding cryptocurrency payment for decryption, though technical specifics remained unclear. Concurrently, seven Australian hospitals experienced a similar incident, leading to rescheduled services and network isolation as authorities worked to contain the infection. Both incidents caused significant patient care disruptions, with the Australian recovery expected to take weeks, though no evidence indicated unauthorized access to medical records during the attacks.
Description
On or around September 30, 2019, a ransomware attack disrupted operations across three hospitals within the DCH Health System in Alabama, including Fayette Medical Center. The attack paralyzed the health network’s computer systems, forcing DCH Regional Medical Center in Tuscaloosa, Northport Medical Center, and Fayette Medical Center to close to all but the most critical new patients by October 1. Emergency protocols were activated to maintain safe operations without computer-dependent technology. Ambulance services received instructions to divert patients to unaffected hospitals when possible. Patients arriving at emergency rooms faced potential transfers to alternative facilities after stabilization. Hospital officials publicly acknowledged the attack was the work of a criminal entity demanding payment in exchange for restoring system access, though the specific ransom amount and cryptocurrency involved were not disclosed.

The ransomware encrypted data on production systems and backup storage drives, a common tactic that prevents both normal operations and recovery without the decryption keys. DCH Health System’s statement confirmed the attack restricted computer usage but did not identify the malware variant or say whether decryption without payment was feasible. Concurrently, seven hospitals in Australia’s Gippsland and southwest Victoria regions experienced a separate ransomware incident beginning September 30, which led to patient services being rescheduled and systems being isolated to contain the infection. Australian hospital officials reported no evidence of unauthorized access to patient records but anticipated weeks of restoration efforts. Both incidents underscored immediate operational impacts, including patient diversions and service delays, while investigations involved law enforcement and cybersecurity agencies in their respective countries.
