A ransomware attack that took place in August 2023 is now estimated to have affected 895,204 people within the Singing River Health System. The Singing River Health System operates three hospitals in Mississippi, one in Pascagoula, one in Ocean Springs, and one in Gulfport, which collectively provide over 700 beds to its patients. It is one of the largest healthcare providers in Mississippi. It employs a total of 3,500 people, and it also operates two hospices, four pharmacies, six imaging centres, ten speciality centres, and twelve medical clinics throughout the Gulf Coast region. 

The impacted hospitals were experiencing major IT system outages for several services, including laboratory testing and radiology testing. At the time, Singing River said it was working to process all paper-ordered lab tests and radiology exams as quickly as possible, depending on the priority of the exam. It was revealed by the healthcare organization on September 13, 2023, that a data breach had taken place, and in December 2023 the organization announced that 252,890 individuals were affected by the incident. 

According to a new update shared by the Maine Attorney General, the company reported that 895,204 people were affected by the incident. An August 31, 2023, disclosure from the healthcare system was the first time it reported the breach. As of the time of this writing, the US Department of Health and Human Services (HHS) Office for Civil Rights has been informed of the breach as impacting at least 501 individuals. 

The number will be determined once internal and external investigations have been completed. It has been confirmed that the data exposed to the public is a combination of full names, dates of birth, physical addresses, Social Security Numbers (SSNs), medical information, and health information, according to the latest information in the data breach report and on the organization's website. Singing River assured everyone that despite these issues, they have yet to find evidence that the threat actors were using the data to commit identity fraud or theft. 

It is also worth noting that the company also offers two-year credit monitoring services and identity restoration services to those who may be affected by this. A ransomware group known as Rhysida has been reported as responsible for the attack, making it one of the most serious cybercriminals groups targeting healthcare providers. Approximately 80% of the data that the threat actors claim to have gained from the Singing River has been exposed thus far, which includes 420,766 files totalling 754 GB in size, which comes with a catalogue of 420,766 files that they claim have gained from the Singing River. 

Threat actors will no doubt take advantage of these opportunities to generate other illicit activities, such as phishing if the stolen data includes details that can provide additional information. Due to this, recipients of the free identity restoration and monitoring services provided by the Federal Trade Commission are recommended to immediately apply for them to avoid becoming victims of such campaigns. 

A ransomware gang known as Rhysida was responsible for the attack, as well as other healthcare systems including Prospect Medical Holdings and Lurie Children's Hospital. According to the Health Sector Cybersecurity Coordination Center at HHS, the group has targeted educational institutions, the manufacturing industry, as well as the Chilean army in the past, as well as numerous other institutions.   

The IDX recommendation is that impacted individuals enrol in IDX's services as soon as possible, act with caution when responding to unsolicited communications, monitor all accounts for suspicious activity, and consider placing a security freeze on their credit reports to protect themselves. Threat actors are becoming increasingly attracted to the healthcare sector due to its data holdings and the importance of these data for a community or country, thus making it a highly attractive target for data breach attacks. 

In a cyberattack that occurred last week, DocGo, a provider of mobile medical services, was compromised. For individuals who have been impacted by the SRHS, IDX identity theft protection is offering a free twelve months of credit monitoring services provided by IDX for twenty-four hours a day. Moreover, the company offers guidance on how to prevent identity theft and fraud, which includes steps to report suspicious incidences, as well as placing fraud alerts or security freezes on the credit record to protect the information. 

As well as that, they will be providing information on how users can protect themselves from tax fraud, how to contact consumer reporting agencies, and how to get a free credit report. A report by the Singing River Health System has reviewed the account statements of individuals impacted by the breach and recommended that they monitor their credit reports and account statements closely. 

In the wake of a recent ransomware attack on the Singing River Health System, which resulted in the theft of data belonging to 895,000 individuals, authorities are urging affected persons to take immediate action. It is strongly recommended that anyone who suspects they may be a victim of identity theft or fraud report these incidents to the appropriate authorities without delay. 

Key organizations to contact include the Federal Trade Commission (FTC), which handles consumer complaints and can guide users in protecting their identity. Additionally, individuals should reach out to their state's Attorney General's office, which often has resources and support for victims of identity theft. Reporting the incident to local law enforcement is also crucial, as it helps authorities track and investigate such crimes. By taking these steps, individuals can not only protect themselves from further harm but also assist in the broader effort to combat cybercrime and bring those responsible to justice.