Pierluigi Paganini January 03, 2025

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals.

New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals.

Richmond University Medical Center (RUMC) is a healthcare institution based in Staten Island, New York. It provides a wide range of medical services, including inpatient and outpatient care, emergency services, and specialty care in areas such as cardiology, oncology, pediatrics, and behavioral health.

In May 2023, RUMC suffered a ransomware attack that caused a multi-week disruption. The attack forced manual data entry and individual patient monitoring.

RUMC hasn’t disclosed details about the attack, such as the ransomware group that breached its systems. At the time of this writing, no ransomware group claimed responsibility for the attack.

Despite the challenges, the hospital maintained full patient services, limiting disruptions to overnight trauma and stroke care. A recovery team, with help from a cybersecurity firm, worked to restore systems and assess the attack’s scope, including its potential impact on patient data. Emergency care and patient admissions remained unaffected during the incident.

RUMC disclosed a data breach that potentially involved sensitive files containing personal and health information, including names, Social Security numbers, dates of birth, driver’s license numbers or state identification numbers, other government identification numbers, financial account information, credit or debit card information, biometric information, user credentials, medical treatment/diagnosis information, and/or health insurance policy information.

“We discovered unauthorized access to our network that resulted in the unauthorized access to, or acquisition of, certain files by an unauthorized actor. Upon learning of this issue, we immediately contained and secured the threat and commenced a prompt and thorough investigation.” reads the incident notice published by the RUMC. “Our investigation was done in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of situations to help determine whether any sensitive data had been compromised because of the incident. Although the initial forensic investigation determined our electronic health records system was not affected by the incident, the investigation subsequently determined that certain other files may have been accessed or removed from our network on or around May 6, 2023.”

The company notified impacted individuals and advised them on protective measures.

RUMC offered 12 months of free credit monitoring to those individuals with compromised Social Security numbers.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)