
Cyber Incident Victim: Roper St. Francis Healthcare

Date:

Jun 2020

Location:

United States of America

Summary

A data breach at Roper St. Francis Healthcare compromised approximately 6,000 patients' personal and medical information after an unauthorized actor accessed an employee's email account during a multi-day intrusion period. The stolen data included names, birth dates, Social Security numbers, insurance details, and comprehensive medical records. The healthcare provider discovered the incident after the intrusion period and established a toll-free call center for affected individuals to verify their exposure. The breach underscores that medical data is valued more highly than financial information in illicit markets because it includes extensive personally identifiable and sensitive health details.


Description

The data breach at Roper St. Francis Hospital occurred between June 13 and June 17, 2020, when an unauthorized actor gained access to an employee’s email account. Hospital officials discovered the security incident on July 8, 2020, confirming that attackers exfiltrated sensitive information belonging to 6,000 patients. The compromised data included names, dates of birth, detailed medical records, insurance information, and Social Security numbers. Attackers specifically targeted personal and healthcare information during the five-day intrusion window. Roper St. Francis Healthcare, based in Charleston, South Carolina, publicly disclosed the breach on the same day it was discovered, confirming the attack vector as email account compromise. The hospital did not identify the responsible threat actor or disclose whether the breach involved malware, phishing, or credential theft beyond the initial email access point.


Affected patients were notified through a dedicated response channel established by the hospital. Starting September 4, 2020, individuals could contact a toll-free call center at 1-888-498-0916 to verify whether their data was compromised. The breach exclusively impacted a subset of patients rather than the entire healthcare system’s client base. Hospital officials confirmed the theft of comprehensive medical records alongside standard personally identifiable information but did not report evidence of data misuse in their initial disclosure. No details were provided regarding containment measures, forensic investigation methods, or system security enhancements implemented post-breach. The incident exposed vulnerabilities in email security protocols and employee account management within the healthcare provider’s infrastructure.
