Cyber Incident Victim: Putnam County Memorial Hospital

Putnam County Memorial Hospital in Unionville, Missouri, experienced a cyberattack detected on July 18, 2021, when staff were prevented from accessing certain computer systems and files. Forensic investigations determined an unauthorized actor had infiltrated the hospital’s network between July 16 and July 18, 2021. During this period, the attacker deployed multiple network reconnaissance tools to identify systems and data of interest before encrypting files with ransomware. The compromised sections of the network contained sensitive patient and employee information, including names, addresses, Social Security numbers, physician-patient assessments, medical records, treatment authorizations, and laboratory and radiology reports. Financial data was not confirmed to have been exposed in the breach. The attack disrupted hospital operations by restricting access to critical systems necessary for daily functions.

Following containment efforts, the hospital initiated a forensic review to assess the scope of the incident. The investigation confirmed the attacker’s access to protected health information but found no evidence of financial data compromise. In response, Putnam County Memorial Hospital implemented new security measures to enhance data protection protocols. Notifications were issued to 6,916 affected individuals, detailing the types of exposed information and offering complimentary 12-month credit monitoring services. These services included darknet and clearnet monitoring, quick cash scans, fraud consultation, identity theft restoration support, and identity theft insurance coverage. The hospital’s remediation efforts focused on restoring system integrity and preventing future unauthorized access through strengthened cybersecurity controls.