Oklahoma’s Largest Non-Profit Health System Breached; 2.3 Million Exposures

  • By Steven
  • Published: Feb 19, 2024
  • Last Updated: Feb 21, 2024
Integris

INTEGRIS Health is the largest non-profit healthcare network in Oklahoma and surrounding regions. The network includes medical and surgical centers, hospitals, emergency rooms, hospice options, addiction recovery programs, and a holistic approach to health and wellness. In November 2023, Integris discovered suspicious activity within their network environment; subsequent investigations have confirmed they were the target of a cyberattack that exposed 2,385,646 individuals. 

How Did the Attack Occur? 

Not much is public about the attack or how the assailants made it happen. Other than the few details listed in the Integris website statement, there is plenty of room for speculation about the events leading up to the breach. According to the statement, an unauthorized actor accessed the environment and began accessing files. There are no indications of ransomware attacks or encryptions, but signs point to possible extortion/phishing consequences associated with this event. Based on reporting, a month after the attack occurred, victims of the event began to receive communications from a group claiming responsibility for the attack. Victims must be cautious when interacting with others online and ignore or delete messages from strangers.

What Information Was Viewed or Stolen? 

Based on the published website statement, the compromised data in this event differs between individuals but may primarily come from patients. The data elements exposed in the incident include names, dates of birth, contact information, demographic details, and Social Security Numbers. Moreover, the data compromised lends itself to spear phishing (where cybercriminals target a victim using individual-specific details to gather more data) and extortion (where a criminal can use the stolen details to threaten the victim into cooperation). 

How Did Integris Health Admit to the Breach? 

The Integris statement lists the earliest day in the timeline to be around November 28th, 2023; purportedly, this is the day the unauthorized actor accessed the environment. It is unclear how long they were in the network up to that point and when officials finally discovered the breach. Presumably, officials discovered the threat and immediately removed the actor from the network. Around a month later, on December 24th, some victims began to report the unauthorized actors messaging them about the event. In January 2024, officials began notifying the state attorney general’s offices and those impacted by the breach.

What Will Become of the Stolen Information? 

The information stolen in this event lends itself to phishing and extortion practices; however, the criminals could use this data to create fraudulent identity schemes or impersonations. On the one hand, the threat actors contacting victims for further data is good because it indicates their limited options for profiteering from the event. Still, on the other hand, it is terrible because it further threatens victims and displays a willingness to abuse those already impacted.

What Should Affected Parties Do in the Aftermath of the Breach? 

The data elements compromised in this event are mainly permanent; Social Security Numbers, demographics, and personal identifiers are challenging to alter. However, contact information may be a strong indicator in mitigating the outcomes of this breach. Since the bad actors presumably used stolen contact information to communicate with their victims, those same individuals must consider changing their contact details (i.e., phone number, email address). Victims must be cautious when interacting online with strangers and use vague language to describe themselves and the topics they care about. Victims of this incident will receive their impact notice in the next few weeks, but they don’t need to wait for a notice for preventing account takeovers.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Google Voice Scams: What They Are and How to Stay Safe

Google Voice Scams: What They Are and How to Stay Safe

Google Voice scams continue to pose a risk for users of this service. Scammers continuously attempt to lure users into divulging their verification PIN code.

What Are Pretexting Attacks: Scam Types and Security Tips?

What Are Pretexting Attacks: Scam Types and Security Tips?

Have you ever received a text from someone you do not know? Did you become alarmed by the message? Did the message contain information about you and the people you know?

What is a Time-based One-time Password (TOTP)?

What is a Time-based One-time Password (TOTP)?

Authentication is the process that verifies the user's identity to control access to resources, prevent unauthorized users from gaining access to the system, and record user activities (to hold them accountable for their activities).

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Notice

By proceeding with this scan, you agree to let IDStrong run a Free Scan of supplied parameters of your personal information and provide free preliminary findings in compliance with our Terms of Use and Privacy Notice. You consent to us using your provided information to complete the Free Scan and compare it against our records and breach databases or sources to provide your Free preliminary findings report.

Rest assured: IDStrong will not share your information with third parties or store your information beyond what is required to perform your scan and share your results.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address
Close