St. Joseph’s Candler (SJC), one of the largest health systems in Georgia, has begun notifying patients of a six-month-long data breach that was the result of a ransomware attack. The system represents one of the largest health care organizations in Savannah. SJC claimed that it became aware of suspicious network activity on the morning of June 17, 2021. As the activity was investigated, SJC’s security teams concluded that a ransomware attack was to blame. The organization stated that steps were taken to limit the impact of the cyberattack.

The health system used social media to spread the word of the incident while its network was offline and devices inaccessible. During the downtime, doctors and employees reverted to paper procedures to complete documentation. Appointments remained largely unaffected. The health system has now begun its notification process to alert anyone whose personal or patient data has been compromised. Data that may have been stolen includes dates of birth, names, addresses, patient account number, billing account number, Social Security number, financial information, health insurance plan ID, medical and clinical treatment information, provider names, and medical record numbers.

Read More: Data Breach at Georgia Health System