Hackers in an Integris Health data breach are emailing victims. What to do if you receive one

Dale Denwalt, The Oklahoman
Updated ·3 min read
Integris Health Baptist Medical Center, 3300 Northwest Expressway, is pictured Tuesday in Oklahoma City.
Integris Health Baptist Medical Center, 3300 Northwest Expressway, is pictured Tuesday in Oklahoma City.

Some patients who have records on file with Integris Health were apparently contacted last week by someone claiming to have stolen their personal information from the hospital and threatening to post it on the dark web.

An email shared on social media, allegedly from the supposed hackers, says attackers got names, contact information, work and insurance information, plus Social Security numbers.

The email suggests they attempted to extort Integris before reaching out to affected patients directly.

"We have contacted Integris Health, but they refuse to resolve this issue," the unknown sender wrote.

The emails threatened data breach victims by saying if they don't pay $50 worth of Bitcoin, their information will be sold to data brokers who operate on the dark web.

Integris issued its own notice over the Christmas weekend to patients it knows were affected by the data breach. The data breach apparently did not include payment information, passwords or other government-issued identification. Not every Integris patient received the notice, and some victims posted online that some of the details were out of date.

The hospital warned that if you received an email like this from the hacker, do not click any links or interact with them.

On its website, Integris said it learned of the breach nearly a month ago.

"Upon becoming aware of the suspicious activity, Integris Health promptly took steps to secure the environment and commenced an investigation into the nature and scope of the activity," the hospital said on its website. "The investigation determined that certain files may have been accessed by an unauthorized party on Nov. 28, 2023. Integris Health initiated a review of the potentially accessed data to determine the type of information and to whom it related, which is currently underway."

Integris Health Baptist Medical Center is pictured Tuesday in Oklahoma City.
Integris Health Baptist Medical Center is pictured Tuesday in Oklahoma City.

What to do after a data breach

Under U.S. law, consumers can request one free credit report each year from each of the three major credit reporting bureaus: Equifax, Experian and TransUnion. To order a free credit report, you can go to www.annualcreditreport.com or call 877-322-8228. Consumers also may directly contact the three major credit reporting bureaus to request a free copy of their credit report.

You also can create a fraud alert or request a credit freeze to ensure no one else uses your personal information to open lines of credit.

In its message to potentially affected patients, Integris said it was still investigating the scope of the data breach. When that investigation is complete, it will offer free credit monitoring to anyone affected.

It's not clear how the hackers acquired the information or who was responsible for keeping the data safe. Cyber breaches often involve an attack on vulnerable servers belonging to a company's vendors, or the hospital could have been attacked directly.

Hospitals are a frequent target of cybercrime. In some of these attacks, hackers are able to shut down access to computer systems and data while demanding huge payments to unlock it, a tactic known as ransomware. In other cases, they simply download private information and sell it on the black market.

While breaches can include personal medical information, there's no indication from Integris that this attack included that kind of data.

Integris Health Baptist Medical Center is at 3300 Northwest Expressway.
Integris Health Baptist Medical Center is at 3300 Northwest Expressway.

This article originally appeared on Oklahoman: Hackers stole personal information of Integris Health patients