Cyber Incident Victim: North Carolina medical center

On September 20, 2021, Coos County Family Health Services (CCFHS), a nonprofit healthcare provider operating clinics in Berlin and Gorham, New Hampshire, experienced a ransomware attack that disrupted clinical services. The attack targeted the organization’s computer systems, though specific technical details regarding the ransomware variant, initial attack vector, and scope of compromised systems were not publicly disclosed. CCFHS maintained three facilities at the time—two in Berlin and one in Gorham—all of which were affected by operational interruptions following the encryption of critical systems. Service disruptions occurred immediately after the attack was detected, though the exact duration of downtime and specific clinical impacts (e.g., canceled appointments, delayed procedures) were not detailed in available reports. No patient or employee data breaches were explicitly confirmed in initial disclosures, though the incident’s focus appeared centered on operational disruption rather than explicit data exfiltration claims by attackers.

This incident marked the second major ransomware attack targeting a Berlin-based nonprofit organization within six months, following a spring 2021 attack against the Androscoggin Valley Regional Refuse Disposal District (AVRRDD). The AVRRDD had previously paid an undisclosed ransom to regain access to encrypted systems, establishing a pattern of threat actor focus on critical infrastructure entities in Coos County. CCFHS did not publicly confirm whether ransom demands were received, negotiated, or paid in their September incident. Recovery timelines and specific remediation actions—such as system restoration methods, cybersecurity improvements, or coordination with law enforcement—were not documented in available sources. The attack highlighted recurring vulnerabilities among North Country nonprofits, with both incidents causing operational paralysis and financial strain through either ransom payments or recovery expenditures.