Security News > 2023 > December > Integris Health patients get extortion emails after cyberattack
Integris Health patients in Oklahoma are receiving blackmail emails stating that their data was stolen in a cyberattack on the healthcare network, and if they did not pay an extortion demand, the data would be sold to other threat actors.
"INTEGRIS Health discovered potential unauthorized activity on certain systems," reads a data privacy notice on Integris Health's website.
In extortion emails sent to patients on December 24th, the hackers claim they stole the personal data of over 2 million patients in the cyberattack on Integris Health.
BleepingComputer was told by patients of Integris Health that these emails contained accurate personal information, confirming that patient data was stolen in the attack.
The emails include a link to a Tor extortion site that currently lists the stolen data for approximately 4,674,000 people, including their names, Social Security Numbers, dates of birth, and information about hospital visits.
The Fred Hutch emails also allowed patients to visit a dark website and delete their data by paying $50, making it likely that the same ransomware attack is behind the attack on Integris Health.