Cyber Incident Victim: United States of America

A cyber security incident disrupted operations at Liberty Hospital in Liberty, Missouri, beginning around November 17, 2023. The hospital publicly acknowledged the incident nearly two weeks later, confirming ongoing recovery efforts but providing no estimated resolution timeline. Staff immediately shifted to paper-based patient charting systems due to widespread computer outages affecting nearly all clinical workstations. Hospital administration stated this transition aligned with pre-established downtime procedures for which employees received training. To mitigate operational strain, the hospital increased nursing ratios in inpatient units, deploying additional nurses and support staff per patient. Daily progress was reported in restoring systems, though specific restored capabilities or affected systems were not disclosed.

Internal staff expressed significant concerns about prolonged reliance on manual processes, with anonymous nurses reporting critical risks to patient safety. Documentation errors emerged, including lost prescription records and conflicting diagnostic information across multiple paper versions, complicating care continuity. Employees attributed these risks to the impossibility of maintaining accurate, unified records without digital systems. Patients observed increased paperwork during visits but described overall operations as continuing with minimal outward disruption. Cybersecurity experts highlighted potential exposure of sensitive data, noting medical records and financial information like insurance or payment details could be compromised. Liberty Hospital declined to confirm whether data exfiltration occurred but acknowledged the healthcare sector faced over 1,600 cyber attacks in 2023 according to Check Point Software data. Recovery remained incomplete as of early December, with the hospital emphasizing incremental system restorations without committing to a resolution date.