The Great Plains Regional Medical Center experienced a ransomware attack, impacting 133,000 individuals by compromising their personal data. The attack took place between September 5, 2024, and September 8, 2024. Despite swift actions to secure systems and restore normal operations, the attackers accessed, encrypted, and potentially copied sensitive files, with some patient information being non-recoverable. The exposed data includes names, health insurance details, clinical treatment information, and possibly Social Security numbers and driver's licenses. Affected patients are being notified and offered free credit monitoring services.
Source: https://securityaffairs.com/171156/data-breach/great-plains-regional-medical-center-data-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/great-plains-regional-medical-center-elk-city
"id": "gre000112024",
"linkid": "great-plains-regional-medical-center-elk-city",
"type": "Ransomware",
"date": "11/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 133000,
'industry': 'Healthcare',
'name': 'Great Plains Regional Medical Center',
'type': 'Medical Center'}],
'data_breach': {'number_of_records_exposed': 133000,
'personally_identifiable_information': ['names',
'Social Security '
'numbers',
"driver's licenses"],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'health insurance details',
'clinical treatment information',
'Social Security numbers',
"driver's licenses"]},
'date_detected': '2024-09-05',
'description': 'The Great Plains Regional Medical Center experienced a '
'ransomware attack, impacting 133,000 individuals by '
'compromising their personal data. The attack took place '
'between September 5, 2024, and September 8, 2024. Despite '
'swift actions to secure systems and restore normal '
'operations, the attackers accessed, encrypted, and '
'potentially copied sensitive files, with some patient '
'information being non-recoverable. The exposed data includes '
'names, health insurance details, clinical treatment '
'information, and possibly Social Security numbers and '
"driver's licenses. Affected patients are being notified and "
'offered free credit monitoring services.',
'impact': {'data_compromised': ['names',
'health insurance details',
'clinical treatment information',
'Social Security numbers',
"driver's licenses"]},
'ransomware': {'data_encryption': 'Yes', 'data_exfiltration': 'Potentially'},
'response': {'communication_strategy': ['Notified affected patients',
'Offered free credit monitoring '
'services']},
'title': 'Ransomware Attack on Great Plains Regional Medical Center',
'type': 'Ransomware'}