Great Plains Regional Medical Center notifies 133K people of data breach that compromised SSNs and medical info

Great Plains Regional Medical Center over the weekend confirmed it notified 133,149 people of a September 2024 data breach that compromised patients’ names, Social Security numbers, health insurance info, clinical treatment info, driver’s license numbers, and demographic details.

GPRMC says it suffered a ransomware attack, though no cybercriminal group has claimed responsibility yet. “This investigation showed that an unknown person accessed and encrypted files on our systems between September 5, 2024 and September 8, 2024. We learned that the bad actor copied some of those files,” GPRMC’s notice states.

We do not yet know whether GPRMC paid a ransom, how much attackers demanded, or how attackers breached GPRMC’s network. Comparitech contacted GPRMC for comment and will update this article if it responds.

GPRMC is offering free credit monitoring to victims whose Social Security numbers were compromised. Eligible victims should receive a letter with enrollment instructions in their mail or email by December 7, 2024.

Ransomware attacks on US healthcare

Ransomware attacks on hospitals, clinics, and pharmacies can steal data and lock down computer systems used for everything from accessing medical records to bill payments. Providers might be forced to cancel appointments and switch to pen-and-paper processes until a ransom is paid to unlock their computer systems.

In 2024 so far, Comparitech researchers logged 121 confirmed ransomware attacks on US hospitals, clinics, and other medical institutions including pharmaceutical and medical manufacturing companies. Those attacks compromised 116,432,379 records, with an average ransom of $5.1 million.

American Associated Pharmacies reportedly paid a $1.3 million ransom to unlock its systems. AAP’s attacker, ransomware gang Embargo, demanded another $1.3 million in exchange for not selling or publishing stolen data.

Another 171 such attacks were claimed by ransomware gangs but not confirmed by targets so far this year.

About Great Plains Regional Medical Center

Great Plains Regional Medical Center (GPRMC) is a 62-bed hospital in Elk City, Oklahoma. It treats 14,000 emergency room patients and 3,500 surgical patients per year, its website says. It employs between 200 and 500 people, according to its LinkedIn profile.


Source link
Exit mobile version