Hackers have struck a Maryland medical group and a California hospital in separate ransomware attacks, compromising the data of more than 1.1 million patients. The cybercriminals behind these attacks claim to have stolen 480 gigabytes of data from one of the incidents.
Frederick Health, based in Maryland, reported the breach to the U.S. Department of Health and Human Services on March 28, revealing that 934,326 individuals were affected by the ransomware attack that occurred on January 27. The medical group stated that the hackers infiltrated their IT systems and exfiltrated sensitive information.
Although no specific ransomware group has claimed responsibility for the attack on Frederick Health, the situation was different for Dameron Hospital in California. The hospital reported the breach to the Office for Civil Rights on April 2, affecting nearly 211,000 individuals. In this case, a cybercriminal group known as RansomHouse took credit for the attack that occurred in November 2023. They boasted about encrypting Dameron’s IT systems and stealing 480 gigabytes of data, some of which was posted on their dark web site.
Following the discovery of the ransomware attack, Frederick Health immediately initiated their incident response protocols, securing their systems and notifying law enforcement. The investigation revealed that the attackers accessed and copied files containing sensitive patient information such as names, addresses, Social Security numbers, and medical records. Despite the breach, Frederick Health continued to provide patient care and made progress in restoring their systems.
On the other hand, Dameron Hospital contained the threat upon discovery of the incident in November 2023 and conducted a thorough investigation. They discovered on March 21, 2025, that personal and protected health information was possibly removed by an unauthorized third party. The compromised information included names, dates of birth, financial details, medical records, and insurance information. The hospital began notifying affected individuals on April 2, 2025, which was 15 months after the breach was discovered.
Healthcare organizations are advised to have robust incident response and crisis management strategies in place to mitigate the impact of cyberattacks. A recent report by security firm Semperis highlighted that while most healthcare respondents have comprehensive cybercrisis response plans, a significant number still experienced high-impact incidents that disrupted critical business functions. It is crucial for organizations to regularly update their response plans and improve communication and coordination to effectively respond to cyber threats.
In conclusion, the ransomware attacks on Frederick Health and Dameron Hospital underscore the importance of cybersecurity preparedness in the healthcare sector. With cyber threats on the rise, organizations must remain vigilant and proactive in safeguarding sensitive patient information to prevent data breaches and protect individual privacy.