Cyber Incident Victim: NCH Healthcare System
Date: Jun 2019
Location: United States of America
Summary
NCH Healthcare System experienced a phishing attack resulting in unauthorized access to certain employee email accounts. The organization detected suspicious activity involving its payroll system, prompting an immediate investigation to assess potential data exposure. While the breach impact was under review, officials had not confirmed whether patient information was compromised in the affected accounts at the time of reporting.
Description
On June 14, 2019, the NCH Healthcare System detected suspicious activity involving its payroll system, prompting an immediate internal investigation. The inquiry revealed that unauthorized actors had gained access to several employee email accounts through a phishing attack. While the exact timeline of initial compromise remains undisclosed, the breach discovery coincided with the payroll system irregularities. Hospital officials confirmed the incident involved external threat actors but did not specify the number of compromised accounts or the duration of unauthorized access. The investigation focused on determining whether protected health information or other sensitive data was exposed through the breached email accounts.

NCH publicly disclosed the incident on August 15, 2019, through a website notice and media statements, nearly two months after initial detection. The healthcare system's communications emphasized its ongoing forensic review but provided no confirmation regarding patient data exposure. No evidence of data misuse was reported at the time of disclosure. The organization did not release details about containment measures, remediation steps, or whether law enforcement was involved. The breach notification acknowledged the payroll system's involvement as the detection point but did not clarify whether financial data or employee records were specifically targeted or compromised.
