A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information.
The attack occurred on September 8, 2024, and an investigation was launched with the help of a cybersecurity firm.
Files were accessed, encrypted, and copied by the threat actor between September 5 and September 8, 2024.
The exposed patient information includes names, demographic and health insurance information, clinical treatment details, and in some cases, Social Security and driver's license numbers.