suncrypt attacks Oklahoma City Indian Clinic

Incident Date:

March 28, 2022

World map

Overview

Title

suncrypt attacks Oklahoma City Indian Clinic

Victim

Oklahoma City Indian Clinic

Attacker

Suncrypt

Location

Oklahoma City, USA

Oklahoma, USA

First Reported

March 28, 2022

Oklahoma City Indian Clinic Suffers Ransomware Attack

The Oklahoma City Indian Clinic (OKCIC) has confirmed a ransomware attack that occurred on March 10, 2022. The incident led to a network disruption, causing delays and access issues with the pharmacy department. The attack forced the clinic to shut down its automatic refill line and mail order service of its pharmacy department, requiring patients to call the pharmacy for needed refills.

The Oklahoma City Area Indian Health Service serves the states of Oklahoma, Kansas, and portions of Texas, with a large number of Tribal Health Care Facilities and Programs, including large-scale hospitals and smaller preventive care programs. The clinic has been working with its IT staff and third-party specialists to find a resolution, but the pharmacy delays continue for an undetermined amount of time.

The attack affected the pharmacy department, causing delays and access issues. Patients were advised to call the pharmacy for needed refills, which required them to provide prescription information, including drug dosages, chart numbers, provider names, and directions, with a government-provided ID.

The breach notice revealed that the forensic evidence could not rule out the possibility that certain patient information was accessed by the attacker. All patients with information contained in the network were being notified, and potentially compromised data could include names, dates of birth, treatments, prescriptions, medical records, provider information, health insurance policy numbers, phone numbers, Tribal ID numbers, Social Security numbers, and driver's license numbers.

The clinic has since reset account passwords and implemented further security measures to protect information. All patients will receive free credit monitoring and identity protection services.

The attack on the Oklahoma City Indian Clinic is a reminder of the increasing threat of ransomware attacks on healthcare providers, which often have rich data but may not secure it to the same level as banks. Hospitals are advised to focus on patient care but also prioritize securing their patient data to prevent such attacks in the future.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.