Curated Content | Thought Leadership | Technology News

Massive Data Breach Exposes Information of 316,000 Anna Jaques Patients

One year later.
Cambron Kelly
Contributing Writer
Ambulance truck lights flashing in a closeup. Seamless, looping animation. 4KHD

Anna Jaques Hospital in Newburyport, Massachusetts, recently disclosed a ransomware attack that compromised the personal data of over 316,000 patients on Christmas Day 2023. While the hospital contained the attack and engaged cybersecurity experts to investigate, notification letters to affected individuals were not sent until December 2024, nearly a year later.

Data compromised in the breach includes sensitive medical, financial, and personal information, some of which has reportedly been published on the dark web.

The attack, attributed to the Money Message ransomware group, underscores the persistent vulnerabilities faced by healthcare institutions and the significant delays that can occur in breach reporting. Despite offering credit monitoring services to affected individuals, concerns remain over the timeliness of the hospital’s response and the long-term impact on patient trust.

Why It Matters: Cyberattacks on healthcare organizations pose serious risks, exposing sensitive patient data and threatening the integrity of critical systems. This incident highlights the importance of timely notification and robust cybersecurity practices to safeguard patient trust and minimize potential harm. By addressing the challenges posed by such breaches, institutions can improve resilience and ensure better protection for those they serve.

  • Scale and Nature of the Breach: The ransomware attack compromised the data of 316,342 individuals, including names, medical records, Social Security numbers, and financial details. The Money Message ransomware group claimed responsibility, stealing 600GB of data, which has been publicly accessible since January 2024.
  • Delayed Notifications: Despite identifying the breach in late 2023, the hospital issued patient notifications only in December 2024. This delay has drawn criticism for giving bad actors ample time to misuse the stolen data.
  • Hospital Response: Anna Jaques engaged cybersecurity professionals to contain the breach, investigate the incident, and mitigate its impact. Affected individuals were offered two years of credit monitoring services, though experts note this may be insufficient given the data’s prolonged exposure.
  • Data Published on the Dark Web: Following the hospital’s refusal to pay the ransom, the stolen data was leaked online in January 2024. The information remains accessible.

Go Deeper -> Anna Jacques Hospital Notifies 316K Patients About December 2023 Ransomware Attack – The HIPAA Journal

Mass. hospital still dealing with cyberattack – EMS 1

Personal information breached during Christmas 2023 cyberattack on Anna Jaques Hospital – WCVB

☀️ Subscribe to the Early Morning Byte! Begin your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

☀️ Your latest edition of the Early Morning Byte is here! Kickstart your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

ADVERTISEMENT

×
You have free article(s) left this month courtesy of CIO Partners.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Thanks for subscribing!

We’re excited to have you on board. Stay tuned for the latest technology news delivered straight to your inbox.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Digital Annual

$10.00/ month

Billed Annually

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.
Name
Newsletters