As part of a cyber attack, a threatening email was sent to hospital patients, and the attacker said, ``If you pay 7,000 yen, your data will be deleted.''



Integris Health, which manages a medical network connecting local hospitals in Oklahoma, was attacked by a cyberattack and a large amount of patient's personal information was leaked. It was discovered that the person behind this attack was sending threatening emails to patients and demanding payment for the deletion of their information.

Cyber Event | INTEGRIS Health

https://integrisok.com/landing/cyber-event



Integris Health patients get extortion emails after cyberattack

https://www.bleepingcomputer.com/news/security/integris-health-patients-get-extortion-emails-after-cyberattack/

On November 28, 2023, someone infiltrated Integris Health's network and accessed patient personal information. Integris Health acknowledged the data breach on December 24, announcing that patient names, dates of birth, contact information, and social security numbers may have been compromised. It also warned patients that a group claiming to be behind the cyber attack was sending threatening emails and advised them not to comply with or respond to the emails.

According to the news site BleepingComputer, the threatening email includes a hacker's claim that ``the personal information of more than 2 million people was stolen'' and a Tor link. The link destination is a dark website that sells personal information, and Bleeping Computer has confirmed that there are approximately 4,674,000 pieces of data, and it costs $ 3 (about 420 yen) to view and $ 50 to delete. (Approximately 7000 yen)It seems that there is a description that it is necessary.



'We have alerted Integris Health and have not seen any attempt at resolution. We will sell all data to a broker on January 5, 2024. We will give you the opportunity to delete your data before that,' the hacker wrote in the email. and demands that the patient pay a ransom.

BleepingComputer warned that ``Paying the ransom does not necessarily lead to the deletion of data, but rather that paying money may attract attention and extort even more money.''



in Security, Posted by log1p_kr