Cyber Incident Victim: Mobile County Health Department
Date: Jun 2024
Location: United States of America
Summary
The Mobile County Health Department experienced a cybersecurity incident involving unusual network activity that disrupted multiple services, including prescription processing and appointment scheduling capabilities. The agency engaged IT security consultants to investigate and restore operations, successfully bringing its pharmacy and central appointments systems back online while continuing efforts to fully reinstate all affected functions. Restoration work remains ongoing as the organization prioritizes returning to normal operations for community services.
Description
The Mobile County Health Department (MCHD) detected unusual cyber activity on June 6, 2024, prompting an immediate operational response to address the disruption. This incident impacted critical healthcare services, including prescription processing through the pharmacy system and appointment scheduling managed by the central appointments office. MCHD mobilized internal resources and engaged external IT security consultants to evaluate the compromised network environment and initiate restoration procedures. The disruption represented a significant operational challenge, as these systems directly supported patient care delivery within Mobile County. No specific details regarding the nature or origin of the cyber activity were disclosed publicly during the initial response phase.

By June 13, 2024, MCHD successfully restored partial functionality to key systems, specifically confirming the pharmacy's ability to process prescriptions and the reactivation of appointment scheduling capabilities. Ongoing efforts focused on achieving full operational restoration across all affected systems, with agency representatives emphasizing their commitment to resolving remaining technical issues. The organization maintained transparency through periodic public updates, though no further technical specifics about attack vectors, data compromise, or forensic findings were released at this stage. Recovery operations remained active, involving continued collaboration between internal IT teams and external cybersecurity experts to ensure comprehensive network remediation. Service restoration priorities centered on minimizing community health service interruptions while maintaining system integrity assessments.
