On December 18, 2023, SRHS confirmed the breach compromised knowledge of 252890 sufferers, all of whom have been notified by mails on January 12, 2023. Comparable notifications have been despatched on Could 13, 2024, this time to the 25 Maine sufferers, confirming the brand new estimate.
“By the investigation, Singing River recognized unauthorized entry inside its setting between August 16 and August 18, 2023,” SRHS stated within the discover. “Though now we have no indication of any misuse of your private data on account of this occasion, out of an abundance of warning, we’re offering discover to people who could have been impacted.”
The assault was claimed by the Rhysida ransomware gang, a infamous risk group that has hacked different healthcare techniques together with the Lurie Youngsters’s Hospital and Prospect Medical Holdings — though its targets have additionally included academic establishments, manufacturing trade, and the Chilean military, in line with a report by the HHS Well being Sector Cybersecurity Coordination Heart.
Breached knowledge embody affected person well being data
The breach compromised private in addition to well being knowledge of Singing River sufferers, together with identify, date of beginning, handle, Social Safety quantity, medical data, and well being data.
“Singing River has no proof that any of your data was used for id theft or fraud,” the corporate stated within the discover. “We encourage doubtlessly impacted people to stay vigilant in opposition to incidents of id theft and fraud by reviewing their accounts, explanations of advantages, and credit score stories for suspicious exercise, and to report any suspicious exercise to the affiliated establishments instantly.”
Nonetheless, in line with a report by Bleeping Laptop, the Rhysida group has launched 80% of the information it holds from the SRHS breach, which included a over 420,000 recordsdata amounting to greater than 754 GB of knowledge.
