A Kansas healthcare provider with multiple emergency care facilities said in December that cyber attacks exposed sensitive information from hundreds of thousands of people.
The Sunflower Medical Group said nearly 221,000 patients have information accessed by hackers who infiltrated the system on December 15th. The company notified regulators in Maine, Vermont and California and posted notifications on its website.
The affected individuals potentially leaked their names, addresses, date of birth, Social Security number, driver's license number, medical information, and health insurance information.
The company initially discovered the violation on January 7th, hired a cybersecurity company to investigate from mid-December to investigate hackers before they were discovered in the system. The hacker has made a copy of the Sunflower file.
Sunflowers said they sent a letter saying that all victims had a valid address and provided credit monitoring services for a year.
The company has not stated whether it handles ransomware attacks or has not reported any operational issues since December.
Sunflower operates four emergency care locations and multiple facilities covering primary care, obstetrics and lab testing.
The Rhysida ransomware gang honoured the efforts of the January attack, threatening to leak stolen data if the ransom of about $800,000 was not paid.
The group has repeatedly targeted medical facilities and nonprofit organizations, including Chicago's Prospect Medical and Lurie Children's Hospital.
Recorded future
Intelligence Cloud.
learn more.
