Integris Health reports data breach, patient data exposed

Integris Health, the state's largest healthcare system in Oklahoma, United States has reported a data breach, prompting them to issue a warning to their patients. The breach came to light when several individuals reported receiving emails from an anonymous source. These emails made a startling claim: Integris Health had suffered a data breach, and the sender allegedly had access to sensitive patient information.

The anonymous sender threatened to sell this confidential information on the dark web unless they received payments.  Upon investigation, Integris Health acknowledged the breach and confirmed that specific types of patient data might have been compromised. The data at risk includes patients':

• dates of birth,
• contact details,
• demographic information,
• social security numbers.

No details are disclosed about the nature of the attack nor the number of affected individuals.

Update - as of 13th of February 2024, Integris Health confirmed that the breach is affecting nearly 2.4 million people. The attacker offered victims the option to pay for their data's removal or access others' information via a Tor network site. Integris Health is notifying all affected patients and has provided a FAQ for further guidance,

Integris Health are working to improve the security of their systems and patient information to prevent further unauthorized access. They are likely engaging in efforts to assist affected patients and mitigate the potential damage from the breach.