Ransomware Attack on Oklahoma Medical Center Impacts 133,000

1 month ago 9
News Banner

Looking for an Interim or Fractional CTO to support your business?

Read more

Great Plains Regional Medical Center in Oklahoma is notifying over 133,000 individuals that their personal information was compromised in a ransomware attack.

The public, not-for-profit healthcare system discovered the attack on September 8, 2024, when ransomware was deployed, but the attackers had access to its systems for at least three days prior.

According to the medical center, the attackers accessed and encrypted certain files between September 5 and September 8, and exfiltrated information from its systems.

“We learned that the bad actor copied some of those files. We quickly restored our systems and returned to normal operations, but we also determined that a limited amount of patient information was not recoverable,” Great Plains Regional Medical Center says in an incident notice.

The compromised information, the hospital explains, includes names, driver’s license numbers, Social Security numbers, demographic information, health insurance information, and diagnosis and medication information.

“We are mailing letters to affected patients and offering free credit monitoring to those whose Social Security number or driver’s license number may have been involved,” the medical center says.

Last week, Great Plains Regional Medical Center informed the US Department of Health and Human Services that 133,149 individuals were impacted by the incident.

The medical center has not shared information on the threat actor behind the attack and SecurityWeek has not seen any known ransomware groups claiming responsibility for the incident.

Advertisement. Scroll to continue reading.

Located in Elk City, Oklahoma, the 62-bed hospital serves Western Oklahoma and the Eastern Texas Panhandle, offering a wide range of healthcare services, including 24-hour emergency care.

Related: Ransomware Attack Disrupts Georgia Hospital’s Access to Health Records

Related: US to Invest $50 Million in Securing Hospitals Against Cyber Threats

Related: Suit Blames Baby’s Death on Cyberattack at Alabama Hospital

Related: Vulnerabilities in Popular Open Source Management Tool Expose Hospitals to Attacks

Read Entire Article