Cyber Incident Victim: Freeport Health Network
Date: Feb 2020
Location: United States of America
Summary
A healthcare system experienced a data breach after unauthorized individuals compromised employee email accounts over a two-day period. The intrusion triggered an investigation that could not confirm whether patient data was viewed, but identified exposed information including names, dates of birth, medical identifiers, insurance details, treatment specifics, and—for some—Social Security numbers and driver's license information. The organization secured affected accounts, reviewed potentially accessible data, and notified impacted patients, offering complimentary credit monitoring to those with exposed government-issued identifiers while implementing additional cybersecurity measures.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The FHN healthcare system based in Freeport, Illinois, experienced a data breach involving unauthorized access to employee email accounts between February 12 and February 13, 2020. Suspicious activity within these accounts triggered an internal investigation, leading FHN to secure the compromised accounts and engage a third-party computer forensic firm to analyze the incident. The forensic investigation concluded on April 30, 2020; it confirmed the two-day intrusion period but could not verify whether the attacker viewed specific emails or attachments. FHN subsequently conducted a manual review of all emails and attachments in the affected accounts to identify potentially exposed patient information. This review revealed that accessible data included patient names, dates of birth, medical record numbers, health insurance details, treatment information (such as provider names, diagnoses, and medications), and in some cases, Social Security numbers and driver’s license numbers. FHN clarified that only patients whose data resided in the breached email accounts were impacted, not its entire patient population.

On July 31, 2020, FHN began notifying affected individuals and offered complimentary credit monitoring and identity protection services to those whose Social Security numbers or driver’s license numbers were exposed. The organization emphasized proactive measures to prevent future cyber incidents but did not disclose technical specifics regarding the attack vector or the number of affected accounts or patients. The breach did not disrupt healthcare services, and FHN’s response focused on containment, forensic analysis, patient notification, and remediation for high-risk data exposures. No evidence suggested misuse of the exposed data at the time of disclosure.
