Cyber Incident Victim: DuPage Medical Group
Date:
Jul 2021
Location:
United States of America
Summary
A cyberattack disrupted a healthcare provider's network systems, compromising data for over 655,000 patients. Threat actors accessed portions of the network containing patient names, contact details, diagnosis and procedure codes, treatment dates, and Social Security numbers for some individuals, though no financial information was exposed. The organization provided affected patients with credit monitoring and identity theft protection while implementing enhanced cybersecurity measures and reviewing security policies. Law enforcement continues to investigate the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 13, 2021, DuPage Medical Group (DMG), a large Illinois healthcare provider, experienced a network outage caused by unauthorized access to its systems. Forensic investigations determined threat actors infiltrated the network between July 12 and July 13, prompting DMG to engage third-party cybersecurity specialists to assess the breach scope. The analysis confirmed attackers accessed limited network segments containing patient data but found no evidence of financial information compromise. DMG subsequently identified 655,384 affected individuals whose personal and medical details were exposed during the intrusion period.
The compromised data included patient names, contact information, diagnosis codes, Current Procedural Terminology codes reflecting medical procedures, and treatment dates. A subset of individuals also had Social Security numbers exposed. DMG began notifying all impacted patients by August 31, 2021, offering complimentary credit monitoring and identity theft protection services. The organization implemented additional cybersecurity controls following the incident and initiated a review of existing security policies to strengthen its technology infrastructure. Law enforcement agencies continued investigating the attack while DMG worked to restore normal operations and prevent future breaches through enhanced network safeguards. The incident ranked among the ten largest healthcare sector breaches reported in the United States during 2021 based on affected patient volume.