Cyber Incident Victim: Ferguson Medical Group
Date: Sep 2019
Location: United States of America
Summary
A ransomware attack targeted Ferguson Medical Group prior to its acquisition, rendering pre-acquisition medical records inaccessible. The parent organization declined ransom demands, collaborating with law enforcement and restoring partial data from backups; unrecoverable records included specific service periods and scanned documents. While no unauthorized data disclosure was confirmed, precautionary notifications and complimentary credit monitoring were provided to potentially affected individuals, alongside a dedicated support call center.
Description
On September 20, 2019, Ferguson Medical Group (FMG) in Sikeston, Missouri, experienced a ransomware attack on its computer network. Saint Francis Healthcare System, which had acquired FMG prior to the incident, discovered the attack on September 21, 2019. The attack rendered all medical records for services provided at FMG before January 1, 2019, inaccessible. Attackers demanded payment to restore access to the encrypted records. Saint Francis immediately secured the compromised network and collaborated with federal law enforcement agencies throughout its response. The organization declined to pay the ransom, opting instead to restore data from backup files. Restoration efforts proved incomplete, leaving certain records permanently unrecoverable.

Medical records spanning September 20, 2018, to December 31, 2018, along with all documents scanned into FMG’s system regardless of their creation date, could not be restored from backups. Saint Francis found no evidence that patient information was disclosed to unauthorized third parties or misused. The healthcare system initiated patient notifications by mail on November 20, 2019, advising precautionary measures despite assessing no actual data misuse. Impacted individuals received offers for complimentary credit monitoring services accessible via mailed instructions or a dedicated toll-free call center. Saint Francis established the call center (866-611-1186) operating Monday through Friday from 8 am to 8 pm Central Time to address patient inquiries. The organization expressed regret for the incident while emphasizing its commitment to patient care and information security.
