November 18, 2024 at 08:49AM
Great Plains Regional Medical Center in Oklahoma is notifying over 133,000 individuals of a ransomware attack that compromised personal information, including Social Security numbers and health data. The attack was discovered on September 8, and the hospital is offering free credit monitoring for affected patients while restoration efforts have been completed.
### Meeting Takeaways:
1. **Incident Overview**: Great Plains Regional Medical Center in Oklahoma experienced a ransomware attack, compromising the personal information of over 133,000 individuals.
2. **Timeline of Attack**:
– Attack detected on September 8, 2024.
– Attackers had access to the hospital’s systems from September 5 to September 8, 2024.
3. **Data Compromised**:
– Compromised information includes:
– Names
– Driver’s license numbers
– Social Security numbers
– Demographic information
– Health insurance information
– Diagnosis and medication information
4. **Response Actions**:
– The medical center restored their systems and returned to normal operations, though some patient information remains unrecoverable.
– Affected patients will receive notification letters and offered free credit monitoring services for those with compromised Social Security or driver’s license numbers.
5. **Regulatory Notification**: The medical center has reported the incident to the US Department of Health and Human Services, specifying that 133,149 individuals were affected.
6. **Threat Actor Information**: The hospital has not disclosed the identity of the attackers, and no known ransomware groups have claimed responsibility for the attack.
7. **Background on Medical Center**:
– Great Plains Regional Medical Center is a 62-bed hospital located in Elk City, Oklahoma, serving Western Oklahoma and the Eastern Texas Panhandle, providing various healthcare services, including emergency care.
8. **Related Developments**:
– The meeting touched on ongoing concerns about ransomware attacks and cybersecurity in hospitals, referencing similar incidents and funding initiatives for hospital cybersecurity.