Montgomery General Hospital Reportedly Experiences Data Breach Following Ransomware Attack

Console and Associates, P.C.

On April 2, 2023, a prominent cybersecurity website reported that Montgomery General Hospital (“Montgomery,” “MGH”) may have experienced a data breach. Based on the report, the incident resulted in an unauthorized party gaining access to confidential patient and employee information. Once Montgomery General Hospital verifies what, if any, information was leaked, it will likely be required to issue data breach letters to all affected patients and employees. However, because the breach is very recent, Montgomery General Hospital is still in the process of investigating the incident.

If you receive a data breach notification from Montgomery General Hospital, it is essential you understand what is at risk and what you can do about it. As we’ve discussed in prior posts, ransomware attacks are one of the leading types of cyberattacks because they give the hackers an opportunity to exploit organizations in multiple ways; first, by locking them out of their computer systems and, second, by threatening to leak stolen data If the ransom isn’t paid. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the potential Montgomery General Hospital data breach, reach out to a data breach attorney for assistance.

What We Know So Far About the Unconfirmed Montgomery General Hospital Breach

News of the Montgomery General Hospital is still fresh; however, according to a recent news report from, a member of the D#nut group reached out to to announce the attack. Evidently, the D#nut group used a Microsoft Exchange exploit to gain access to Montgomery’s computer network, which is how they were able to access the information.

In response, Montgomery began negotiations with the D#nut group, although the negotiations were not fruitful. Based on reports, it appears that the ransomware group initially asked for $750,000, which was rejected by MGH around March 5, 2023. After a back-and-forth lasting 26 days, the D#nut group leaked the stolen data, which is reported to include Social Security numbers, patient files with medical histories, diagnoses, treatment plans, test results, and health insurance billing records with policy information, dates of services, CPT codes, and the amounts charged for treatment.

More Information About Montgomery General Hospital

Montgomery General Hospital is a healthcare services company based in Montgomery, West Virginia. MGH has a 25-bed acute care unit, an emergency department, a sleep lab, and an on-site laboratory. Montgomery General Hospital also provides a range of radiology and imaging services. Montgomery General Hospital also operates Montgomery General Elderly Care, Montgomery General Extended Care, and Montgomery MedCorp, Inc. Montgomery General Hospital employs more than 290 people and generates approximately $24 million in annual revenue.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide