Cyber Incident Victim: Grays Harbor Community Hospital

Grays Harbor Community Hospital experienced a ransomware attack potentially beginning around mid-June 2019, though officials did not publicly confirm the incident’s scope or operational details at the time. By late July 2019, hospital representatives acknowledged the attack only minimally, stating they were withholding specifics based on external advice. Despite the cybersecurity event, the hospital emphasized continuity of critical services, with spokesperson Amy Bruce confirming no disruptions to patient care, surgeries, or childbirth services. The hospital did not disclose whether ransomware encrypted or corrupted patient data, nor did it confirm if attackers exfiltrated sensitive information. No technical details regarding attack vectors, ransom demands, or affected systems were released publicly.

The prolonged silence from hospital leadership between mid-June and late July 2019 raised community concerns about potential data compromise, particularly whether patient records remained accessible or suffered integrity loss. External observers noted the unusual duration of operational uncertainty, as healthcare ransomware incidents typically prompt faster disclosure of data impacts. The hospital maintained normal billing and clinical operations throughout the incident but provided no updates on system restoration timelines or forensic investigations. Public statements focused exclusively on service continuity assurances without addressing patient data security or recovery specifics. The incident remained unresolved in public reporting as of July 24, 2019, with no further official updates documented in available sources.