Cyber Incident Victim: Jordan Health
Date: Feb 2020
Location: United States of America
Summary
A healthcare provider experienced a ransomware attack that prompted a precautionary shutdown of computer systems to contain the incident. Forensic analysis indicated no evidence of unauthorized access to patient information, as the data resided on a separate encrypted server unaffected by the intrusion.
Description
A ransomware attack targeted Jordan Health in New York on or around February 27, 2020, forcing the healthcare center to proactively shut down its computer systems as a precautionary measure. The attack disrupted normal operations, though the organization did not initially disclose the specific ransomware variant or the exact entry point of the intrusion. Forensic investigations conducted following the incident confirmed that attackers did not access patient data during the breach. This critical information remained secure because it was stored on a separate, encrypted server that was not compromised in the attack. The center’s decision to isolate systems likely limited the ransomware’s spread across its network infrastructure. No evidence suggested data exfiltration occurred prior to system encryption, reducing risks associated with potential misuse of sensitive information.

The incident primarily impacted Jordan Health’s operational continuity due to the necessary computer shutdowns, though the source reporting did not specify the duration of downtime or the exact clinical or administrative functions affected. The organization’s reliance on segregated, encrypted storage for patient records proved effective in safeguarding protected health information (PHI) during this event. No public statements indicated whether Jordan Health engaged with law enforcement, paid a ransom, or utilized external incident response teams beyond initial forensic analysis. The attack highlighted the center’s defensive measures for data protection while underscoring vulnerabilities in its general IT infrastructure that allowed the ransomware to execute. Patient communications regarding the incident were not detailed in available reporting, nor were long-term financial or reputational consequences quantified.
