Integris Health patients have been receiving threatening emails claiming that personal information was compromised in a cyberattack on the healthcare network and that the information would be sold to other unscrupulous parties if they do not pay the demands made of them.
INTEGRIS Health secured the area and started looking into the type and extent of the activity.
Files may have been accessed by an unauthorised individual, it was discovered.
The hackers stated in the emails they sent to patients that they had conducted a cyberattack and stolen the personal information of over two million patients.
Social Security numbers, dates of birth, residences, phone numbers, insurance information, and employer details were all included in the material.
TPRM report: https://scoringcyber.rankiteo.com/company/integris-it
"id": "int21125224",
"linkid": "integris-it",
"type": "Data Leak",
"date": "12/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Over two million patients',
'industry': 'Healthcare',
'name': 'Integris Health',
'type': 'Healthcare Network'}],
'attack_vector': 'Email Threats',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Over two million',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Social Security numbers',
'dates of birth',
'residences',
'phone numbers',
'insurance information',
'employer details']},
'description': 'Integris Health patients received threatening emails claiming '
'that their personal information was compromised in a '
'cyberattack. The hackers demanded payment to prevent the '
'information from being sold to other unscrupulous parties.',
'impact': {'data_compromised': 'Yes', 'identity_theft_risk': 'High'},
'initial_access_broker': {'data_sold_on_dark_web': 'Threatened',
'entry_point': 'Email Threats',
'high_value_targets': 'Patient data'},
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain',
'ransomware': {'data_exfiltration': 'Yes', 'ransom_demanded': 'Yes'},
'response': {'containment_measures': 'Secured the area and started '
'investigation'},
'title': 'Integris Health Data Breach',
'type': 'Data Breach'}