SSNs of 700,000 people stolen after April ransomware attack

Yuma Regional Medical Center (YRMC), a major hospital in Yuma, Arizona is sending notification letters to more than 700,000 patients after a ransomware attack in April lead to a data breach involving Social Security numbers.

YRMC reported it disclosed a ransomware attack on April 25 and immediately took networks offline before contacting cybersecurity experts and law enforcement:

The investigation determined that an unauthorized person gained access to our network between April 21, 2022, and April 25, 2022, and removed a subset of files from our systems.

The organization is offering free credit monitoring and identity theft protection services “to those who are eligible.”

No ransomware group has publicly claimed credit for the attack yet.

This is not an isolated case of a cyberattack on the healthcare institution. Cancer research center Fred Hutchinson Cancer reported an unauthorized user gained temporary access to an employee’s email account, resulting in a data breach.