Menu
Browse

Cyber Incident Victim: Roper St. Francis Healthcare

Date:

Jun 2020

Location:

United States of America

Summary

Roper St. Francis Hospital reported that approximately 6,000 patients had their personal and medical information compromised after attackers gained access through an employee's email. The exposed data included names, birth dates, detailed medical records, insurance information, and Social Security numbers. The breach was discovered after the unauthorized access occurred, and a toll‑free hotline was made available for affected individuals to inquire about their data. Officials noted that healthcare data is highly valuable on the black market, often fetching far more than credit card details.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 1 technique
Threat Actors Type Location
0 actors Available to members Available to members

Description

On June 13, 2020, attackers gained access to the email system of an employee at Roper St. Francis Hospital in Charleston, South Carolina, and maintained unauthorized entry until June 17, 2020. During this window, they exfiltrated a range of personal and health information from the hospital’s networks. The intrusion remained undetected until July 8, 2020, when hospital officials identified the breach and began an internal investigation. According to the hospital’s statement, the compromised data included patients’ names, birth dates, detailed medical records, insurance information, and Social Security numbers. The breach was attributed to a phishing or credential‑theft vector that exploited the employee’s email account.

Cyber Incident Image

Approximately 6,000 patients were confirmed to have had their information exposed, although the hospital noted that not all of its patient base was affected. The stolen records are described as highly valuable on the illicit market, with individual medical files potentially fetching up to $1,000 each. The breach was publicly disclosed in a Bitdefender blog post dated July 8, 2020. To assist affected individuals, Roper St. Francis Hospital established a toll‑free information line at 1‑888‑498‑0916, which became operational on September 4, 2020, allowing patients to inquire whether their data was part of the breach. The hospital communicated that individuals could call this line to obtain details about the specific information that may have been compromised and to receive guidance on next steps.

Sources
Sources available to members
1 source