Cyber Incident Victim: Hurley Medical Center
Date:
Jan 2016
Location:
United States of America
Summary
Hurley Medical Center experienced a cyber attack following a public threat by the hacktivist group Anonymous, which had criticized government handling of the Flint water crisis in a video announcement. The hospital confirmed its IT security systems detected the incident, maintained that patient care remained unaffected, and stated all response protocols were followed during the attack. While Anonymous had not claimed responsibility at the time, the timing of the incident occurred shortly after the group's call for action against officials involved in the water contamination issue.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On January 20, 2016, the hacktivist group Anonymous posted a four-minute YouTube video criticizing Michigan Governor Rick Snyder’s handling of the Flint water crisis and calling for criminal charges against him as part of their #OpFlint campaign. The following day, January 21, Hurley Medical Center in Flint, Michigan, experienced a cyber attack. Hospital spokeswoman Ilene Cantor confirmed the incident to local media, stating that the facility’s IT systems detected the attack but did not specify the nature or technical scope of the intrusion. Cantor emphasized that patient care operations remained unaffected throughout the event, with no disruption to clinical services reported. The hospital activated established protocols in response, though no further details were provided regarding containment procedures or forensic investigations.
Authorities did not confirm any connection between the Anonymous threat and the cyber attack, as the group never claimed responsibility for the incident. Cantor reiterated that Hurley Medical Center maintained continuous monitoring of all systems following the attack to ensure ongoing security compliance. The hospital’s existing IT infrastructure included threat detection capabilities designed to identify viruses or cyber intrusions, which were utilized during this event. No patient data breaches, financial impacts, or operational downtime were publicly disclosed in relation to the incident. The attack occurred amid heightened tensions surrounding the Flint water contamination crisis, which had drawn national attention and activist responses. Hospital officials concluded their public statements by affirming adherence to established cybersecurity policies without elaborating on long-term remediation efforts or external investigations.