Integris Health Reveals Massive Data Breach Affecting 2.4 Million Patients: Urgent Update

A Massive Data Breach Hits Oklahoma’s Largest Healthcare Network

Integris Health, Oklahoma’s largest not-for-profit healthcare network, recently revealed the extent of a data breach it suffered last November. The breach exposed the personal information of nearly 2.4 million people, making it a significant incident that demands attention.

Patients Receive Extortion Emails as a Result of the Breach

In December 2023, Integris Health confirmed it had suffered a cyberattack after patients started receiving extortion emails. These emails contained sensitive personal information and threatened that the stolen data would be sold to other cybercriminals unless the healthcare organization met the attacker’s demands by January 5, 2024.

Interestingly, the attackers claimed that their attack did not involve encryption, and they only stole the data. As a result, Integris Health’s network remained functional, allowing them to continue providing services to patients.

Stolen Patient Data Available on the Dark Web

The emails that patients received included accurate information and linked to a website on the Tor network hosting the stolen details. However, access to this information was not free. Visitors could either pay $50 and take the attacker’s word that their details would be removed, or pay $3 to view information belonging to any other impacted individual.

What Kind of Data Was Leaked?

In a recent notification, Integris Health confirmed the types of patient data impacted by the breach:

• Full name
• Date of birth
• Contact information
• Demographic information
• Social Security Number (SSN)

Fortunately, the leaked data did not involve employment information, driver’s licenses, account credentials (usernames and passwords), or financial information.

A Dark Web Marketplace and the Number of Affected Patients

The attackers claimed they were selling data for 2.3 million Integris patients on a dark web marketplace. However, the U.S. Department of HHS Office for Civil Rights (OCR) portal now shows that the number of impacted Integris Health patients is actually 2,385,646.

What’s Next for the Affected Patients?

Integris Health says all affected patients will receive individual notifications. They encourage recipients to remain vigilant and report any identity theft or fraud attempts as soon as possible.

The organization has also published an FAQ in the form of a PDF that offers additional information about the incident, its impact on patients, and protective steps they can take.

Be Prepared for the Aftermath

It’s essential to remember that the deadline set by the threat actor for Integris Health to pay a ransom has long passed, meaning the stolen data has likely been sold or shared with other cybercriminals. These criminals could use the information for various scams, phishing, or other types of attacks.

Stay Informed and Stay Protected

As an IT Services expert, we’re here to help you stay informed about cybersecurity threats and offer guidance on how to protect yourself and your organization. Contact us to keep learning more and ensure you’re prepared for the ever-evolving landscape of cybersecurity.