Will hackers fulfill their conditions if you pay them $ 50?
Patients at Integris Health in Oklahoma are receiving blackmail emails saying that their data was stolen in a cyberattack on the health care network, and if they do not pay the ransom, the data will be sold to other cybercriminals.
Integris Health is the largest non-profit network of medical institutions in the state of Oklahoma, USA, including hospitals, clinics and emergency care centers throughout the state.
Integris Health confirmed that in November, the company was hacked into "certain systems", which led to the theft of patient data.
Upon learning of the suspicious activity, INTEGRIS Health immediately took steps to ensure system security and launched an investigation into the nature and extent of the cyberattack.
In emails sent to patients on December 24, hackers claim that they stole the personal data of more than 2 million patients as a result of a cyberattack on Integris Health.
The stolen data allegedly includes social security numbers, dates of birth, addresses, phone numbers, insurance information, and employer information.
Integris Health patients reported that the emails contain valid personal information, which confirms that patient data was stolen as a result of the attack.
"We have contacted Integris Health, but they are refusing to address the issue," the email to patients reads. "We are giving you the option to delete your personal data from our databases before we sell the entire database to data brokers on January 5, 2024."
The emails contain a link to the Tor website, which lists the stolen data of about 4,674,000 people, including their names, social security numbers, dates of birth, and information about hospital visits.
Darknet site with stolen data
The website contains data added between October 19 and December 24, 2023. The site offers users to pay $50 for deleting a data entry or $3 for viewing it.
Integris Health is aware of emails sent to patients and has updated its security notice to warn recipients not to respond, contact the sender, or follow links in the email.
Although it is not known who is behind the attack on Integris Health, similar emails were sent to patients at the Fred Hutchinson Cancer Center after the ransomware group Hunters International hacked into the hospital's systems.
Emails to Fred Hutch patients also allowed them to visit the darknet site and delete their data, paying $50. This indicates that the same group of ransomware is probably behind the attack on Integris Health.
Patients at Integris Health in Oklahoma are receiving blackmail emails saying that their data was stolen in a cyberattack on the health care network, and if they do not pay the ransom, the data will be sold to other cybercriminals.
Integris Health is the largest non-profit network of medical institutions in the state of Oklahoma, USA, including hospitals, clinics and emergency care centers throughout the state.
Integris Health confirmed that in November, the company was hacked into "certain systems", which led to the theft of patient data.
Upon learning of the suspicious activity, INTEGRIS Health immediately took steps to ensure system security and launched an investigation into the nature and extent of the cyberattack.
In emails sent to patients on December 24, hackers claim that they stole the personal data of more than 2 million patients as a result of a cyberattack on Integris Health.
The stolen data allegedly includes social security numbers, dates of birth, addresses, phone numbers, insurance information, and employer information.
Integris Health patients reported that the emails contain valid personal information, which confirms that patient data was stolen as a result of the attack.
"We have contacted Integris Health, but they are refusing to address the issue," the email to patients reads. "We are giving you the option to delete your personal data from our databases before we sell the entire database to data brokers on January 5, 2024."
The emails contain a link to the Tor website, which lists the stolen data of about 4,674,000 people, including their names, social security numbers, dates of birth, and information about hospital visits.
Darknet site with stolen data
The website contains data added between October 19 and December 24, 2023. The site offers users to pay $50 for deleting a data entry or $3 for viewing it.
Integris Health is aware of emails sent to patients and has updated its security notice to warn recipients not to respond, contact the sender, or follow links in the email.
Although it is not known who is behind the attack on Integris Health, similar emails were sent to patients at the Fred Hutchinson Cancer Center after the ransomware group Hunters International hacked into the hospital's systems.
Emails to Fred Hutch patients also allowed them to visit the darknet site and delete their data, paying $50. This indicates that the same group of ransomware is probably behind the attack on Integris Health.
