A hacker crippled the operations of the Oklahoma-based hospital Great Plains Regional Medical Center, which led to the loss of patient information and data on more than 130,000 people.
Hospitals and other medical institutions are among the organizations most targeted by hacking groups wielding ransomware. The attackers know that such organizations are likely not investing in cybersecurity as much as they should, and they have a lot to lose if the attack succeeds.
In a brief security incident notice, the hospital said it fell victim to an attack and revealed that an unknown attacker had access to systems for three days.
“On September 8, 2024, we suffered a ransomware attack on our computer system,” the hospital explained.
“We secured our systems and began an investigation with the help of a cybersecurity firm. This investigation showed that an unknown person accessed and encrypted files on our systems between September 5, 2024 and September 8, 2024.”
“We learned that the bad actor copied some of those files. We quickly restored our systems and returned to normal operations, but we also determined that a limited amount of patient information was not recoverable.”
The hackers stole a lot of information, including complete names, demographic information, health insurance information, and clinical treatment information, such as diagnosis and medication information, driver’s license number, and/or, in some instances, Social Security Numbers.
There are no other details on the attack, but the report to HHS’ Office for Civil Rights says 133,149 current and former patients have been affected. The Oklahoma hospital has begun the process of informing affected patients.
Use Bitdefender Digital Identity Protection to bolster your cyber resilience against data breaches with:
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024