SecurityWeek reports that Oklahoma-based nonprofit health provider Great Plains Regional Medical Center had personal information from 133,149 patients stolen following a ransomware attack in early September, which has not yet been claimed by a known threat actor.
Threat actors who compromised Great Plains' systems between Sep. 5 and 8 were able to copy, encrypt, and exfiltrate files including individuals' names, Social Security numbers, demographic details, driver's license numbers, health insurance information, and diagnosis and medication details, according to the medical center, which did not name its attackers. "We quickly restored our systems and returned to normal operations, but we also determined that a limited amount of patient information was not recoverable," said Great Plains, which noted in its incident notice that it is providing complimentary credit monitoring services to people whose driver's license numbers or SSNs may have been stolen.
