Cyber Incident Victim: Lexington Medical Center
Date: Feb 2017
Location: United States of America
Summary
Lexington Medical Center experienced unauthorized access to its employee information database, eConnect/PeopleSoft, compromising personally identifiable information including names, Social Security numbers, and W-2 forms of current and former staff; no patient data was affected. The organization promptly halted further unauthorized access, initiated an investigation with national cybersecurity experts, and notified law enforcement. Affected individuals were offered free credit monitoring, identity theft protection services, and access to a dedicated call center for support, alongside guidance to mitigate risks of fraudulent tax filings and identity theft.
Description
On February 17, 2017, Lexington Medical Center in South Carolina discovered unauthorized access to its employee information database, eConnect/PeopleSoft, during a morning security review. The breach exposed personally identifiable information of current and former employees, including names, Social Security numbers, and W-2 tax forms. Hospital officials confirmed the intrusion affected only the employee database, with no patient data compromised. The organization notified employees of the incident within the same week as the discovery, emphasizing prompt transparency despite the ongoing investigation. The attackers specifically targeted payroll and tax documentation through the compromised system, though the exact method of intrusion remained unspecified in public disclosures.

Upon identifying the breach, Lexington Medical Center immediately terminated unauthorized access to the database and initiated a forensic investigation with assistance from national cybersecurity experts. The hospital concurrently engaged federal and state law enforcement agencies to support the inquiry. Affected employees were offered complimentary credit monitoring and identity theft protection services to mitigate potential financial fraud risks. A dedicated call center staffed by identity theft professionals was established to address employee concerns, supplemented by guidance on preventing fraudulent tax filings using stolen data. The incident highlighted vulnerabilities in the hospital's employee data systems, prompting resource allocation toward enhanced safeguards without disclosing specific technical remediation measures. No further unauthorized activity was reported following the containment actions implemented on the discovery date.
