Mt. Graham Regional Medical Center Public Notice

Update 12/05/2023

Hospital phone scams are growing in prevalence.

Your Mount Graham Regional Medical Center (MGRMC) has been notified of recent scam calls to Gila Valley residents.  These scammers pose as hospital employees and attempt to steal personal information from unsuspecting patients and caregivers. Follow the tips below to protect your personal information and keep your hard-earned money safe.

Don’t rely on area codes or caller ID to determine if a caller is trustworthy. Scammers will often call with an area code that will look familiar to victims or match up with their phony backstory. Modern technology makes it possible for individuals to manipulate caller ID, fooling the system into displaying that the number belongs to a hospital.

Know that MGRMC officials will never call you to ask for sensitive information. Be wary of anyone asking for your Social Security number, bank account information, or financial details. When in doubt, hang up and contact MGRMC directly to find out if they require any information or payment from you.

•  If you receive a suspicious call, notify MGRMC. If someone is impersonating hospital staff and attempting to defraud patients, report it to MGRMC at 1-800-664-3509.   We can issue a warning through the media and our partners, preventing scammers from successfully deceiving their victims.

This most recent wave of scams is a reminder to always be vigilant when speaking with unknown callers. By remembering these tips and sharing them with your friends and family, you can help curb the tide of hospital phone scams, keep your money in your pocket, and ensure that your personal information stays protected.”

Update 11/15/2023

We are writing in follow up to our previous communications regarding the ransomware attack on Mt. Graham Regional Medical Center (MGRMC).

What happened?

On September 27, 2023, Mt. Graham Regional Medical Center (MGRMC) detected and stopped a sophisticated ransomware attack that occurred on September 13, 2023 [Please confirm date and add this date to the patient letter as well.]. Immediately upon discovering the attack, MGRMC engaged its 3rd party cyber security partner and incident response team to assist with securing the network environment, minimizing damages and counteracting the assault, restoring operations, and facilitating the solid recovery of its systems. Within four hours of discovering the attack, we successfully secured the network to prevent any further access from threat actors. 

What Information was Involved:

Unfortunately, despite these efforts, the cybercriminal was able to access or acquire a subset of data, which included for some patients:

  • Demographic information such as names, addresses, email addresses, phone/fax numbers, dates of birth, driver’s license numbers, passport numbers, gender, and SSNs,
  • Treatment information such as medical record numbers and data, dates of service, and
  • Financial information such as billing account numbers, Medicare numbers, Medicaid numbers, insurance numbers, credit Card numbers.

We are sending individual letters to impacted patients with specific details about potentially accessed data.

What We Are Doing:

As part of our efforts to prevent future incidents and minimize the harm to patient information, we performed a forensics security investigation, we alerted government agencies, including the FBI, and we are working with experts in the field to enhance our cyber security systems. We have engaged TransUnion to provide patients with free credit monitoring and identity theft services for a period of twelve (12) months.

What Patients Can Do:

We recommend that patients continue to join us in remaining vigilant to protect their personal information through the following steps.

  • Place a “Fraud Alert” with the three credit bureaus. To do this, contact any of the three major credit bureaus via the information below. When one credit bureau confirms the fraud alert, the others are notified to place fraud alerts. The initial fraud alert stays on the credit report for one year. It can be renewed after one year.

Equifax                                                            Experian                                  Trans Union       

(800) 685-1111                                                (888) 397-3742            (800) 909-8872

  • Ask each credit bureau to send a free credit report after it places a fraud alert on the file. Review the credit reports for unfamiliar accounts and inquiries. These can be signs of identity theft. If personal information has been misused, visit the FTC’s site at to report the identity theft and get recovery steps. Even if there is not any suspicious activity on the initial credit reports, the FTC recommends that people check their credit reports periodically so they can spot problems and address them quickly.


  • Monitor bank and credit card statements.


  • If personal information has been misused, visit the FTC’s site at to report the identity theft and get recovery steps.

For more information:


We take patient privacy very seriously and sincerely apologize for and regret any concern or inconvenience this matter has caused.

If you have any questions or need additional information, please contact Danny Smith, Director of Community Relations at 1-800-664-3509 during the hours of 9:00 a.m. to 5:00 p.m., Monday-Friday.

Update 10/13/2023

MGRMC has made great progress restoring our computer information systems from our recent ransomware attack. Internal access to our systems and data has been restored. Patients can now access their information through our online patient portal. We are pleased to report that despite the challenges, we have been able to meet all employee payroll and accounts payable commitments. 

As an essential critical access hospital, MGRMC has a strong Incident Command structure. Following our processes, we implemented our downtime procedures, which proved essential and effective, and deployed our incident command team and our recovery team. Throughout the cyber-attack we experienced, patient care has remained our focus. Through immense work and dedication, our staff have remediated most issues as we continue to restore our systems. 

As previously reported, we have engaged an experienced firm to review impacted systems. Initial reviews have determined that the patient medical record system was not breached and we are finalizing our review of all systems to determine if any patient information was compromised. As we continue our investigation, we will communicate directly with any impacted individuals. 

We are community-owned and governed. We are proud of the 50-year relationship we have with the community and our focus throughout this challenge has been delivering exceptional care. The speed at which we have been able to recover is a credit to our dedicated staff going above and beyond with many long days and nights. 


Update 10/4/23– MGRMC’s cyber security investigation and remediation of our system outage is ongoing. Over the weekend and today, we are making significant progress in bringing systems back to operation and accessing information. Since September 27th, MGRMC has taken proactive measures to address the situation. Downtime procedures have been implemented, and further solutions are completed hourly toward full systems restoration.

The disruption, although inconvenient, has had limited impact on patient experience. As a practice, MGRMC has prioritized redundancy and patient information safety in providing excellent care. If we determine that patient information was compromised, we will communicate directly with impacted patients. If you are or have been a patient of MGRMC, we recommend you monitor your account statements, stay vigilant about your personal data, and contact law enforcement if you feel your information may be compromised.

If you have any questions, please call our community relations team at 928-348-3777. Information and updates may be found at

Update 9/28/23– MGRMC is investigating a cybersecurity incident that is affecting its communication and information systems. We are working closely with law enforcement and outside experts to assess the scope and impact of the incident, including whether any patient information was compromised. If we determine that patient information was compromised, we will communicate directly with impacted patients. If you are or have been a patient of MGRMC, we recommend you monitor your account statements, stay vigilant about your personal data, and if you feel your information may be compromised, contact law enforcement.

If you have any questions, please call our community relations team at 1-800-664-3509 Information and updates may be found at