Integris Well being has reported to U.S. authorities that the data breach it suffered final November uncovered private info belonging to virtually 2.4 million individuals.
The group is Oklahoma’s largest not-for-profit healthcare community, working hospitals, clinics, and emergency care items throughout the state.
On December 26, 2023, the group confirmed it suffered a cyberattack after sufferers began receiving extortion emails informing that their delicate private info. Except Integris Well being met the attacker’s calls for, the stolen information would be bought to different cybercriminals on January 5, 2024.
The risk actor advised BleepingComputer that their assault didn’t contain encryption they usually solely stole the information.
This didn’t trigger any community interruption and allowed Integris Well being to maintain offering its providers to sufferers.
The emails the sufferers obtained from the risk actor contained correct info and linked to an internet site within the Tor community internet hosting the stolen particulars, however entry was not free.
Guests might pay $50 and belief the attacker’s phrase on eradicating the main points, or pay $3 to view info belonging to another impacted particular person.
Integris printed final week a notification confirming that the incident impacted affected person information, which included the next particulars:
- Full identify
- Date of delivery
- Contact info
- Demographic info
- Social Safety Quantity (SSN)
The group clarified that the leaked information didn’t contain employment info, driver’s licenses, account credentials (usernames and passwords), or monetary info.
Speaking to BleepingComputer, the risk actor mentioned that they’re promoting on a darkish internet market information for two.3 million Integris sufferers (based mostly on the variety of social security numbers within the database).
In a brand new entry immediately, the U.S. Division of HHS Workplace for Civil Rights (OCR) portal exhibits that the variety of impacted Integris Well being sufferers is 2,385,646.
Integris Well being says all affected sufferers will obtain particular person notifications, and recipients ought to stay vigilant to identify and report identification theft and fraud makes an attempt early.
The group has printed a FAQ within the type of a PDF the place victims can discover some extra info relating to the incident, the way it impacts them, and what protecting steps they’ll take.
It’s value noting that the deadline the risk actor set for Integris Well being to pay a ransom has lengthy handed and it is vitally doubtless that the stolen information has been bought or share with different cybercriminals, who might use it for numerous scams, phishing, or different kinds of assaults.
