The Cookeville Regional Medical Center disclosed a July 14, 2025 network intrusion that led to a ransomware-related data breach affecting more than 337,000 individuals and reportedly resulting in roughly 370,000 stolen files totaling about 500 GB. The Rhysida group listed the data for sale for 10 bitcoin, later making it freely available, and CRMC is offering identity protection only to individuals whose SSNs or driver’s license numbers were exposed. #CookevilleRegionalMedicalCenter #Rhysida
Keypoints
- Network intrusion was discovered on July 14, 2025, with files stolen in the days before detection.
- Compromised data may include names, dates of birth, addresses, SSNs, driver’s license numbers, financial account details, medical treatment information, and insurance policy data.
- CRMC reported the incident affects more than 337,000 individuals, while the attackers claim to have stolen about 370,000 files (≈500 GB).
- The Rhysida ransomware group posted the hospital on its leak site, sought 10 bitcoin (~$1 million), and later made the data available for download after failing to find a buyer.
- The hospital says there is no evidence of misuse so far and is offering identity protection to those with exposed SSNs or driver’s license numbers, but the risk of abuse remains significant.
Read More: https://www.securityweek.com/data-breach-at-tennessee-hospital-affects-337000/