Gwinnett Medical Center investigates possible data breach

Updated: Patient records may have been leaked online due to the alleged security incident.
Written by Charlie Osborne, Contributing Writer

Gwinnett Medical Center is investigating a possible data breach involving the leak of patient information online.

However, details surrounding the potential data breach, discovered by Salted Hash, are vague.

The publication was made aware of an IT incident at GMC Lawrenceville taking place on September 29, involving "several hundred patient records at the least." After the discovery was made, the threat actors behind the alleged attack "made threats," according to Salted Hash.

Located in Gwinnett County, Georgia, Gwinnett Medical Center (GMC) is a not-for-profit network of healthcare providers. The organization accounts for 553 beds, employing over 5,300 members of staff and catering to 800 affiliated physicians.

It is believed that patient records held by the group may have been leaked online three days after the incident came to light. Allegedly, the full names, dates of birth, and gender of some patients were made public on Tuesday.

The Federal Bureau of Investigation (FBI) appeared and offered to assist; however, it is not yet known whether the agency was called or was already aware of the apparent security breach.

A spokesperson for GMC told the publication that there was no data breach, but did say the not-for-profit is investigating an "IT incident" which occurred last week. External partners have also been called in to assist.

"GMC takes cyber security very seriously and we are committed to maintaining the integrity, availability, and confidentiality of our systems and data," the organization said. "That starts with identifying threats and conducting audits and it includes the processes, procedures, and safeguards that we have in place to protect our systems."

While it is not known who may be behind the alleged incident, a source told the publication that the reported attack may have been the work of a group known as Particle Matrix.

The connection was made due to an apparent attempt to shame the organization at the time of the leak, in which the attackers claimed GMC was attempting to "cover up" the incident.

In related news, a US high school leaked sensitive medical records containing student information in August. Data including physical and mental health conditions, medications required, and information relating to behavioral and learning difficulties was leaked in a security incident which has been deemed "appalling."

Update 16.17 BST: A GMC spokesperson told ZDNet:

"Gwinnett Medical Center recently discovered a security incident. At this time, we are continuing to investigate the issue [...] I can confirm that patient care activities have not been impacted.

"Furthermore, we immediately engaged experts to assist us and are fully cooperating with law enforcement. GMC takes the security of personal information very seriously and we are committed to maintaining the confidentiality of patient and personal information."

Update 16.58 BST: The spokesperson confirmed to ZDNet that "names, dates of birth, and gender relating to approximately 40 people were provided on Twitter. We are still investigating the issue."
