A major medical service provider in the American state of Mississippi, Singing River, recently reported that a Cyberattack in August 2023 compromised the data of 895,204 individuals. The medical network, which includes hospitals in Paskugul, Osushen-Springs, and Galfport, as well as other medical institutions in the region, fell victim to this attack.
On August 19, 2023, the company divulged that it had been targeted by a sophisticated attack orchestrated by the Mount Program, resulting in disruptions at hospitals and potential data theft. By the end of August, Singing River was listed on the U.S. Department of Health and Human Services’ Civil Law Violations Portal with 501 reported victims.
Confirming the data breach on September 13, 2023, Singing River later disclosed on December 18 of the same year that the hacking incident had impacted 252,890 individuals. Subsequent updates from Maine authorities raised the total number of victims to 895,204.
As per Meng’s notification and the latest details from Singing River, the compromised patient data included full names, dates of birth, home addresses, Social Security numbers (SSN), medical information, and health information.
Singing River assures that there is currently no evidence of the leaked data being used for identity theft or fraud. All affected individuals have been offered 24 months of free credit monitoring and identity restoration services.
The Rhysida extortion group, known for targeting medical facilities, including children’s hospitals, claimed responsibility for the attack. The attackers released approximately 80% of the stolen data from Singing River on the internet, comprising 420,766 files totaling 754 GB.
Victims are advised to promptly utilize the protective services offered, exercise caution with unsolicited messages, and diligently monitor their account activity to safeguard against any potential unauthorized access or misuse of personal information.