Delaware Guidance Services for Children and Youth Ransomware Attack Affects 50,000 Patients

Delaware Guidance Services for Children and Youth (DGS) is notifying 50,000 individuals of a recent ransomware attack that saw the facility pay ‘thousands’ to the hackers.

The hackers launched the ransomware attack on Christmas Day, 2019. DGS, based in Wilmington, has not publicly revealed the sum of money paid to the hackers to unlock the files on its data servers. The hackers sent the decryption keys to DSG once they received the ransom payment.

Ransomware is malware variant which denies the user access to their device, or individual files on the device until a ransom has been paid to the scammer. Ransomware attacks are becoming increasingly common, particularly against organisations in the healthcare industry due to the high black-market of healthcare data. The malware is even available on the dark web. If a campaign were successful, it would prove a lucrative endeavour for the hacker with minimal effort on their part. The hacker often delivers malware through targeted phishing attacks.

DSG contracted a third-party IT cybersecurity company to conduct a forensic analysis of the ransomware attack. The investigators did not find evidence that the hacker accessed sensitive information before encrypting files, or that any of the files had been further compromised or stolen. The hacker’s sole motive appears to have been to extort money from DGS.

Following HIPAA’s Breach Notification Rule, DGS started sending notification letters to the parents and guardians of the affected children on February 26, 2019.

The investigators determined that the compromised files included names, addresses, birth dates, medical information, and Social Security numbers.

DSG has offered all affected individuals 12 months of complimentary credit monitoring services through MyIDCare.

DSG reported the ransomware attack to law enforcement and the Department of Health and Human Services’ Office for Civil Rights (OCR). The OCR breach summary indicates that the PHI of up to 50,000 individuals was potentially compromised in the attack.

About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism. You can follow Elizabeth on twitter at