Cyber Incident Victim: Lake Charles Memorial Health System

On or around October 1, 2022, Lake Charles Memorial Health System (LCMH) detected unauthorized activity on its computer network. The organization’s cybersecurity team promptly identified and blocked the malicious activity, preventing disruption to patient care delivery or clinical operations. Hospital officials publicly disclosed the incident in a November 16 statement, confirming that attackers had exfiltrated an unspecified quantity of data during the breach. LCMH initiated a forensic review to determine the scope of compromised information and identify affected individuals, though no specific details about data types or record volumes were released. The health system engaged third-party cybersecurity experts to assist with the investigation while maintaining normal hospital functions throughout the incident response process.

LCMH reported the cyberattack to the FBI’s Cyber Task Force and other unspecified law enforcement agencies, establishing formal cooperation with authorities. Internal teams prioritized assessing the nature and sensitivity of stolen information to fulfill regulatory notification obligations. The organization committed to directly notifying impacted individuals in compliance with state and federal laws, though no timeline for notifications was provided. No evidence emerged suggesting operational disruptions to medical devices, appointment systems, or emergency services during or after the incident. Ongoing investigations focused on determining the attack’s entry vectors, duration of network access, and specific datasets accessed by threat actors while maintaining continuity of healthcare services.