An Atlanta healthcare system has been hit with a data breach and a ransomware attack that impacted the electronic health records of nearly 80,000 patients.

On Jan. 3, Emory Healthcare, the largest healthcare system in Georgia, encompassing six hospitals, the Emory Clinic and more than 200 provider locations, reported a data breach and a ransomware attack to the federal government.

Ransomware is a type of malicious software designed to block access to a computer system. Criminals demand money to unblock the affected network.

The data breach happened when an intruder gained unauthorized access to an online physician appointment scheduling program used by Emory’s orthopedics and spine center and its brain health center.

The intruder gained unauthorized access to patients’ names, dates of birth, contact information, internal medical record numbers, and appointment information such as dates of service, physician names and whether patients required imaging. The database did not contain patients’ Social Security numbers, financial information, diagnoses or other electronic medical record information, Emory says.


In the ransomware incident, Emory says, the cyber thieves eliminated the Emory patient scheduling and patient records database over the New Year’s holiday weekend and demanded payment to restore it.

Emory didn’t say if the health system paid the cyber thieves any ransom or if the database has been restored. “Once EHC learned that this third-party database was accessed improperly, we immediately initiated an internal investigation, alerted law enforcement and are in the process of notifying impacted patients,” the health system says.

Emory has notified patients impacted by the breach and is working with an unidentified outside security firm to tighten up its data protection program, but has yet to release any other public statement.

The Emory Healthcare data breach is the biggest so far this year, according to the U.S. Department of Health and Human Services Office for Civil Rights.