Cyber Incident Victim: San Gorgonio Memorial Hospital

San Gorgonio Memorial Hospital (SGMH), located in Banning, California, experienced a cybersecurity incident that disrupted its IT operations beginning on or around November 10, 2022. The hospital discovered the incident on November 10 and initiated response protocols to contain the disruption. Patient care operations were restored to normal functionality by November 16, 2022, following six days of operational impact. During this period, the hospital’s IT systems were impaired, though specific clinical or administrative functions affected were not detailed in public statements. SGMH did not immediately disclose the nature of the cyber incident or whether data exfiltration occurred. A hospital spokesperson confirmed the event via email but did not provide technical details regarding the attack vector or initial intrusion method. The incident prompted an internal assessment to determine the scope of affected systems and data.

SGMH engaged a third-party computer forensic firm to investigate the cause and extent of the incident, including identifying potentially compromised data. The hospital stated it would notify affected patients once the investigation conclusively determined what information was accessed or exfiltrated. Concurrently, SGMH implemented additional safeguards and technical security enhancements to strengthen system protections and monitoring capabilities. No ransomware claims or threat actor affiliations were publicly disclosed in connection with the event. The hospital emphasized taking the incident seriously but did not report any evidence of prolonged unauthorized access beyond the containment timeline. Restoration efforts prioritized clinical operations, with no reported patient harm directly linked to the IT disruption.