好的,我现在需要帮用户总结一篇文章的内容,控制在100个字以内。用户已经提供了文章内容,我得先仔细阅读一下,找出关键信息。 首先,文章讲的是Cookeville Regional Medical Center医院的数据泄露事件。受影响的人数是337,917人。攻击者是Rhysida勒索软件集团,他们窃取了500GB的敏感数据。数据包括个人信息如姓名、地址、出生日期、社保号、驾照号、财务信息以及医疗和保险信息。 事件发生在2025年7月14日,医院在检测到可疑活动后立即展开调查,并与执法部门和取证公司合作。调查发现未经授权的第三方在7月11日至14日期间访问了网络,可能查看或窃取了敏感数据。 医院已经通过邮件通知受影响的个人,并提供免费的身份盗窃保护服务。虽然目前没有确认数据被滥用,但建议受影响的人监控账户和信用报告,并在发现可疑活动时报告。 总结的时候,我需要包括以下几点:医院名称、事件原因(勒索软件攻击)、受影响人数、泄露的数据类型、事件时间以及应对措施(通知和保护服务)。同时要控制在100字以内。 可能的结构是:医院名称 + 勒索软件攻击 + 受影响人数 + 数据类型 + 时间 + 应对措施。 现在试着组织语言:Cookeville Regional Medical Center因Rhysida勒索软件攻击导致33.7万人数据泄露,涉及个人信息和医疗记录等敏感数据。医院已通知受影响者并提供保护服务。 这样大约68个字,符合要求。 </think> Cookeville Regional Medical Center因Rhysida勒索软件攻击导致约33.7万人数据泄露,涉及个人信息和医疗记录等敏感数据。医院已通知受影响者并提供身份保护服务。 2026-4-16 18:3:55 Author: securityaffairs.com(查看原文) 阅读量:15 收藏
Cookeville Regional Medical Center hospital data breach impacts 337,917 people
A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems.
A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved the theft of around 500GB of data, exposing sensitive information from the hospital.
Cookeville Regional Medical Center detected suspicious activity on July 14, 2025, and quickly launched an investigation with law enforcement and a forensic firm. It found that an unauthorized party accessed its network between July 11 and 14, potentially viewing or stealing sensitive data.
After completing its investigation, CRMC reviewed the affected files and confirmed that personal data was exposed. Depending on the individual, this may include names, addresses, dates of birth, Social Security and driver’s license numbers, financial details, and medical or insurance information. The hospital is notifying affected individuals by mail where possible.
“The forensic investigation determined that an unauthorized third party accessed CRMC’s computer network and viewed or acquired certain files between July 11, 2025, and July 14, 2025. Based on the results of its investigation, CRMC conducted a comprehensive review of the affected files to determine if they contained any personal information that was viewed or acquired by the third party.” reads the notice of data breach “CRMC identified the personal information of certain individuals. Depending on the individual, the personal information may include their name, address, date of birth, Social Security number, driver’s license number, financial account number, medical treatment information, medical record number, and/or health insurance policy information. CRMC is mailing notification letters to individuals for whom they have a valid address and whose information was in the affected files.”
CRMC advises affected individuals to follow the guidance in notification letters to protect themselves. While no misuse of data has been confirmed, the hospital offers free identity theft protection to those impacted. People should monitor accounts and credit reports, report suspicious activity, and contact authorities if fraud is suspected. They can also consult FTC resources for tips on fraud alerts and credit protection.
According to the notification sent to the Maine Attorney General’s Office, the incident impacted 337,000 people.
In August 2025, the Rhysida ransomware group added the healthcare organization to its Tor data leak site, claiming the theft of 538 GB of data.
However, none bought the stolen data, and the group leaked it for free.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ransomware)
如有侵权请联系:admin#unsafe.sh