Cyber Incident Victim: Altus Baytown Hospital

Date: Sep 2018

Location: United States of America

Summary

Altus Baytown Hospital experienced a ransomware attack involving the Dharma variant, which encrypted files containing patient information such as names, addresses, social security numbers, medical details, and financial data, though electronic health records remained unaffected. External security consultants assisted in decrypting backups, restoring systems, and removing the malware, with investigations confirming no evidence of data exfiltration or unauthorized access despite the encryption; multiple affiliated healthcare entities also had data compromised during the incident.


Description

On September 3, 2018, Altus Baytown Hospital (ABH) experienced a ransomware attack that encrypted numerous documents containing patient information. The attackers deployed a strain of Dharma ransomware, which locked access to files but did not compromise the hospital’s electronic health records system. Affected files included sensitive patient data such as names, home addresses, dates of birth, Social Security numbers, driver’s license numbers, credit card information, phone numbers, and medical details. ABH initiated an internal investigation to determine how unauthorized actors gained access to their systems and deployed the malware. The hospital engaged external risk and security consultants to assist with decryption and restoration efforts. These specialists successfully decrypted ABH’s backup files and restored all affected data. During the investigation, ABH confirmed the ransomware only encrypted files and found no evidence that attackers exfiltrated or accessed data stored on their servers.

The incident impacted not only ABH but also several affiliated entities whose data resided on the same servers: Altus Women’s Center of Baytown, Oprex Surgery (Baytown), Clarus Imaging (Baytown), Clarus Imaging (Beaumont), Zerenity Baytown, and Altus Radiation Oncology Baytown. Following data restoration, external security teams removed the ransomware infection from ABH’s systems and implemented enhanced protective measures to prevent future attacks. Despite confirming no data breach occurred, ABH advised patients to take precautionary steps to safeguard their personal information. The hospital’s breach notification emphasized the encryption-limited nature of the incident but maintained transparency about the types of data potentially exposed in the affected files. Recovery efforts concluded with full system restoration and reinforced security protocols.
