LOUISVILLE, Ky. — Months after a “cyber event,” Norton Healthcare now says it was the victim of a ransomware attack in May 2023.
Six months ago, when the attack happened, Norton had to take its network offline. it also said it received a fax that contained threats and demands. Norton Healthcare contacted the FBI and has been working with forensic security to investigate the unauthorized access.
In a news release on Dec. 12, Norton Healthcare said their investigation found the unauthorized access occurred to “certain network storage devices.” The storage devices were compromised between May 7 and May 9, 2023.
Norton Healthcare says it has found no evidence the cybercriminals access its medical records system or Norton MyChart, an online patient portal.
The not-for-profit health system with eight hospitals in Kentucky and Indiana is now mailing letters to anyone impacted by the incident. The hospital group says anyone whose information may have been compromised will be given two years of free credit protection services. Norton Healthcare says more details about the credit protection will be spelled out in the letters being sent out.
Norton Healthcare has set up a special call center to answer questions from anyone affected. The number is 866-983-5764 and the lines are open Monday through Friday from 9:00 a.m. until ^:30 p.m Eastern Time.