A Disturbing Development in Healthcare Cybersecurity

Patients of Integris Health in Oklahoma are currently facing a dire situation. They have been receiving blackmail emails following a cyberattack on the state’s largest not-for-profit health network. These emails threaten that unless a ransom is paid, the stolen patient data will be sold to other malicious entities.

The Cyberattack on Integris Health

In November, Integris Health confirmed a cyberattack that compromised patient data. Their website’s data privacy notice detailed the discovery of unauthorized activity on their systems and the immediate steps taken to secure the environment and investigate the breach. It was determined that on November 28, 2023, certain files had been accessed by an unauthorized party.

The Extortion Scheme

On December 24th, patients began receiving emails claiming that personal data of over 2 million individuals had been stolen. This data includes sensitive information such as Social Security Numbers, dates of birth, addresses, phone numbers, insurance, and employer details. The extortion email offers patients the chance to remove their data from the hackers’ database before it is sold.

A linked Tor extortion site lists the stolen data of approximately 4,674,000 people, offering options to delete a data record for $50 or view it for $3. Integris Health has advised patients not to respond to these emails or interact with the links provided.

Similar Incidents and the Risks Involved

This incident mirrors a similar situation at Fred Hutchinson Cancer Center, where patients received extortion emails from the Hunters International ransomware gang. The pattern suggests a possible connection between the two attacks.

Patients may feel tempted to pay the ransom to protect their identity, but history shows that paying does not guarantee the safety or deletion of data. Furthermore, paying can make individuals more vulnerable to further extortion.

SilverCod’s Stance on Cybersecurity

At SilverCod, we firmly believe in the adage, “an ounce of prevention is better than cure.” It’s essential to minimize the attack vector and limit the digital attack surface to prevent such breaches. Proactive measures in cybersecurity are crucial, especially in sectors as sensitive as healthcare, where patient data is involved.

Need Robust Cybersecurity Solutions? Contact SilverCod

If your organization is seeking expert assistance in securing, defending, and protecting digital assets, especially websites, SilverCod is here to help. Our expertise lies in providing comprehensive cybersecurity solutions, ensuring your digital presence is safeguarded against such threats.

🔒 Reach out to SilverCod today for top-tier cybersecurity support. Let us handle your digital security, so you can focus on running and growing your business with peace of mind.

Book A Discovery Call

Book A Call

Reach out to us today and get a complimentary review and consultation.