Wayne Memorial Hospital in Jesup, GA over the weekend confirmed it notified 163,440 people of a May 2024 data breach that compromised the following personal info:
- Names
- Social Security numbers
- User IDs and passwords
- Financial account numbers
- Credit and debit card numbers, expiration dates, and CVV codes
- Medical history
- Diagnoses
- Treatments
- Prescriptions
- Lab test results and images
- Health insurance, Medicare, and Medicaid numbers
- Healthcare provider numbers
- State-issued ID numbers (e.g. driver’s license)
- Dates of birth
The hospital initially notified just 2,500 people of the breach in August 2024. It updated that figure to more than 160,000 over the weekend.
Ransomware gang Monti claimed responsibility for the breach and threatened to leak stolen data by July 8, 2024.
Wayne Memorial Hospital has not verified Monti’s claim. We do not know if the hospital paid a ransom, how much Monti demanded, why it took more than a year to notify victims, or how attackers breached the hospital’s network. Comparitech contacted Wayne Memorial Hospital for comment and will update this article if it replies.
“On June 3, 2024, WMH detected a ransomware event, whereby an unauthorized third party gained access to WMH’s network, encrypted some of WMH’s data, and left a ransom note on WMH’s network,” says the hospital’s notice to victims. “WMH’s forensic investigation found evidence that the unauthorized actor had access to a limited number of WMH systems between May 30, 2024 and June 3, 2024.”
Wayne Memorial Hospital is offering victims 12 months of free fraud assistance and credit monitoring through CyberScout. The deadline to enroll is 90 days from receipt of the notice letter.
Who is Monti?
Monti is a ransomware group that strongly resembles an earlier group with a similar name, Conti. It claimed its first attack in February 2023 but has been active since June 2022. It’s known for exploiting software vulnerabilities like Log4Shell. Monti both steals data and encrypts target systems, forcing targets to pay a ransom to delete stolen data and restore systems.
Monti has taken credit for 16 confirmed ransomware attacks in total. Two of those attacks also hit healthcare providers:
- Avezzano Sulmona L’Aquila (Italy) disclosed an April 2023 ransomware attack that caused widespread disruption for a month. Monti demanded $3 million for 500 GB of stolen data. ASL says it didn’t pay the ransom.
- Excelsior Orthopedics notified 394,752 people of a June 2024 data breach
In 2025, Monti has only claimed one confirmed attack. In March 2025, it hacked Amtech Software and stole more than 30 TB of data.
Ransomware attacks on US healthcare
Comparitech researchers logged 174 confirmed ransomware attacks on US healthcare providers in 2024, compromising 28.6 million records.
Other such breaches from 2024 that were recently confirmed in 2025 include:
- Aspire Rural Health System notified 138,000 of a November 2024 data breach claimed by BianLian
- Legacy Treatment Services notified 41,826 people of an October 2024 data breach claimed by Interlock
In 2025 to date, we’ve recorded 57 confirmed ransomware attacks on US healthcare providers, compromising 5.2 million records. Last week, we confirmed two others:
- Medical Associates of Brevard notified (PDF) victims of a January 2025 data breach claimed by BianLian
- New York Blood Center Enterprises reported a January 2025 ransomware attack by unknown hackers
Another 132 such attack claims made by ransomware groups in 2025 have yet to be confirmed by the targeted organizations.
About Wayne Memorial Hospital
Wayne Memorial Hospital in Jesup, Georgia has 84 beds and employs 500 people, according to its website.
