HACKERS CLAIM THEY STOLE DATA OF MORE THAN 2 MILLION INTEGRIS HEALTH PATIENTS
News 9 - December 26, 2023 10:56 am
INTEGRIS Health said it is working to investigate a data breach in which hackers claimed they stole the data of more than 2 million patients to sell on the dark web.
Viewers messaged News 9 about an email they received over the weekend from hackers. The first paragraph of the email read as follows:
“Integris Health (integrisok.com) was breached on November 2023. The data of over 2 million patients was compromised including SSN, DOB, Address, Phone, Insurance Information, and Employer Information. This data will sell on the darknet and be used for fraud and identity theft. If you are receiving this message, your data have been compromised. We provide a sample of your data as proof.”
The email went on to list the exact address, phone number, birth date and social security number of each individual recipient.
“We have contacted Integris Health, but they refuse to resolve this issue,” the email continued. “We give you the opportunity to remove your personal data from our databases before we sell the entire database to data brokers on Jan 5 2024.”
The email then demanded that recipients pay to protect their data.
“Our tor shop allows users to purchase data for fraud,” the email said. “Any buyer can purchase data ‘exclusively’ for 50$. This gives the buyer exclusive rights on the data and will remove the data from the shop completely. This feature is useful for fraud activity such as identity theft, opening SIM lines, opening bank accounts, taking out loans, and making USA companies. A buyer can also purchase data without exclusive rights for 3$. In this case, the data will still be listed on the shop. You can remove your data from our shop and protect it from future fraud by purchasing exclusive rights on it (50$).”
The email included instructions and links on how to pay for the data.
Among those who received the email was Norman resident Paul Wilson. He said his address, cell phone number, date of birth and social security number were all listed in the email.
“This is a real eye-opener for me,” said Wilson. “I was really worried more for the cell phone because it’s directly tied to my work.”
Wilson said INTEGRIS Health has not contacted him since he received the email from hackers. He plans to call INTEGRIS in the next few days while monitoring his credit.
“When you give into the fear, they win,” said Wilson. “So I mean, I’m not going to stop going to INTEGRIS. I’m not going to stop going to places.”
INTEGRIS Health sent News 9 a statement saying the health system is aware of what it calls a “cyber event.”
“Specifically, we became aware of unauthorized access to a certain portion of our network that stores patient information,” INTEGRIS Health said in its statement. “Upon becoming aware of the activity, INTEGRIS Health promptly took steps to secure the environment and commenced an investigation into the nature and scope of the activity. There was no interruption to any services as a result of this event, and INTEGRIS Health remains fully operational.”
INTEGRIS Health said once it completes its investigation, it “will communicate to those impacted individuals with an offering of credit monitoring at no cost.”
The Federal Trade Commission said if people’s social security numbers are exposed, they should monitor their credit reports, consider placing a credit freeze, and try to file their taxes early before a scammer can. Click here for more tips from the FTC on what to do.
INTEGRIS Health said it will post additional information about the data breach and how those affected can protect themselves. Click here to visit the page.