Integris Health, the largest non-profit healthcare system in Oklahoma, has started informing patients of a data breach impacting their personal information.
The data breach occurred at the end of November, but the attack did not impact the healthcare provider’s operations, Integris Health explains in an incident notice on its website.
The compromised personal information, the organization says, includes names, contact information, dates of birth, demographic data, and Social Security numbers.
“The personal information potentially affected varies by individual,” Integris Health says.
The healthcare network says the incident has not impacted payment information, login credentials, or driver’s license numbers.
“Upon learning of the event, Integris Health promptly took steps to investigate the full scope of the incident. In an abundance of caution, Integris Health is also notifying potentially affected individuals and providing information on steps that may be taken to best protect personal information,” the organization notes.
The healthcare network also warns that some of the affected patients have been receiving messages from a hacking group claiming responsibility for the attack.
“We encourage anyone receiving such communications to not respond or contact the sender, or follow any of the instructions, including accessing any links,” Integris Health says.
The attackers claim to have stolen the personal information of more than two million individuals, threatening to sell the data on the dark web. The hackers are also providing data samples to prove their claims.
On a Tor-based website, the hacking group is offering for sale the alleged information of millions of individuals. It’s unclear, however, whether the hackers are affiliated with any known group, they are a rebranding, or a new threat actor.
“We continue investigating this event to determine the scope of impacted data and individuals and contact information. Upon completion, we will communicate to those impacted individuals with an offering of credit monitoring at no cost,” Integris Health says.
Related: Inmate, Staff Information Stolen in Rhode Island Prison Data Breach
Related: ESO Solutions Data Breach Impacts 2.7 Million Individuals
Related: Mr. Cooper Data Breach Impacts 14.7 Million Individuals
