Pierluigi Paganini
November 19, 2024
On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The organization launched an investigation into the incident with the help of a cybersecurity firm. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. The experts believe that the attackers also copied some of those files.
“On September 8, 2024, we suffered a ransomware attack on our computer system. We secured our systems and began an investigation with the help of a cybersecurity firm. This investigation showed that an unknown person accessed and encrypted files on our systems between September 5, 2024 and September 8, 2024.” reads the notice of security incident published by the organization. “We learned that the bad actor copied some of those files. We quickly restored our systems and returned to normal operations, but we also determined that a limited amount of patient information was not recoverable.”
The Oklahoma Medical Center reported to the US Department of Health and Human Services that the incident impacted 133,149 individuals.
The Great Plains Regional Medical Center announced that it had quickly restored its systems and returned to normal operations, however, it was not able to ever a limited amount of patient information.
The exposed patient info varied by individual and may include name, demographic information, health insurance information, clinical treatment information, such as diagnosis and medication information, driver’s license number, and/or in some instances, Social Security number.
The organization is notifying impacted patients and is offering them free credit monitoring if their sensitive data like Social Security or driver’s license numbers were compromised.
The medical center did not share information about the family of ransomware that hit the organization. At this time, no ransomware groups claimed responsibility for the security breach.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ransomware)
