Malware
Integris Health Patients Face Extortion Threats Following Devastating Cyberattack
Integris Health patients have been receiving threatening extortion emails following a recent cyberattack. The healthcare provider suffered a data breach in which patient information was stolen, and the attackers are now demanding ransom payments to avoid publishing the sensitive data. Integris Health is working with law enforcement to resolve the issue and support affected patients.
Imagine waking up one morning to an email stating that your personal data has been stolen in a cyberattack, and unless you pay an extortion demand, the data will be sold to other criminals. This nightmare is a reality for many Integris Health patients in Oklahoma.
Integris Health, Oklahoma’s largest not-for-profit health network, confirmed that they suffered a cyberattack in November that led to the theft of patient data. As a result, patients are now receiving blackmail emails containing accurate personal information, including Social Security Numbers, dates of birth, addresses, phone numbers, insurance information, and employer information.
The Extortion Demands
The hackers behind the attack claim to have stolen the personal data of over 2 million patients. In their extortion emails, they state that they have contacted Integris Health, but the healthcare network refuses to resolve the issue. They are now giving patients the “opportunity” to remove their personal data from the hackers’ databases before they sell the entire database to data brokers.
The emails include a link to a Tor extortion site that currently lists the stolen data for approximately 4,674,000 people, including their names, Social Security Numbers, dates of birth, and information about hospital visits. The website allows visitors to pay $50 to delete their data record or $3 to view it.
While it is unclear if any of the data records are duplicates, it is evident that a significant number of people have been affected by this attack.
The Dangers of Paying the Ransom
Integris Health is aware of the emails sent to patients and has updated its security notice to warn recipients not to respond, contact the sender, or click on any of the links in the email. They advise that paying the ransom is not a guarantee that the data will be deleted. In fact, once you pay a ransom, the criminals know that you are concerned about your data and may attempt to extort you further.
It is worth noting that a similar ransomware attack occurred at the Fred Hutchinson Cancer Center (Fred Hutch), where patients were also given the option to visit a dark website and delete their data by paying $50. This suggests that the same group of criminals may be behind both attacks.
So, What Can You Do?
The unfortunate truth is that there is no simple solution to this problem. Cybersecurity is an ongoing battle, and hackers are continuously developing new methods to exploit vulnerabilities. However, there are steps that both individuals and organizations can take to protect themselves and their data.
First and foremost, make sure you are using strong, unique passwords for all your accounts and enable multi-factor authentication when available. Regularly update your software and operating systems and be cautious of phishing scams and suspicious emails.
For organizations, investing in a robust cybersecurity infrastructure and providing regular training for employees on recognizing and avoiding cyber threats is essential.
Stay Informed and Stay Safe
As an IT Services company, we are dedicated to helping people and businesses stay informed about the latest cybersecurity threats and best practices to protect themselves. Subscribe to our newsletter and follow our blog to keep up-to-date with the latest news, tips, and advice on staying safe in the digital world.
If you have any questions or concerns about your cybersecurity or need assistance in protecting your personal or business data, don’t hesitate to reach out to us. We are here to help!