Methodist McKinney Hospital

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Methodist McKinney Hospital Data Breach

Methodist McKinney Hospital in Texas experienced a significant data breach due to a cyberattack by the Karakurt ransomware group. The incident was first detected on July 5, 2022, when unusual activity was noticed on certain systems[1][5]. The unauthorized access occurred between May 20 and July 7, during which the hackers copied certain files[9]. The Karakurt group claimed responsibility for the attack and allegedly posted 360 gigabytes of personal data on the dark web[1].

The compromised data included a wide range of sensitive personal information such as names, addresses, Social Security numbers, dates of birth, medical history information, medical diagnosis information, treatment information, medical record numbers, and health insurance information[1][5]. This breach affected not only Methodist McKinney Hospital but also Methodist Allen Surgical Center and Methodist Craig Ranch Surgical Center[1][7].

Methodist McKinney Hospital took immediate steps to secure its systems and began an investigation with the help of a third-party cybersecurity firm. The hospital is in the process of reviewing and enhancing its security policies and procedures and implementing additional safeguards[1]. The U.S. Department of Health and Human Services (HHS) Office for Civil Rights’ Breach Portal lists the incident as affecting 110,244 individuals[9].

The Karakurt ransomware group is known for its strategy of scanning, reconnaissance, and data collection for about two months before attempting to gain access to files containing sensitive information and holding that information for ransom[1]. They have been involved in at least four cyberattacks against U.S. healthcare organizations and are notorious for their harassment campaigns, which include sending numerous emails and phone calls to employees, business partners, and clients, warning them to encourage the victims to negotiate with the actors to prevent the dissemination of victim data[1][4].

Healthcare organizations are advised to implement multi-factor authentication, use secure passwords, and patch systems regularly to safeguard against such cyberattacks[1]. Methodist McKinney Hospital has notified law enforcement and advised affected patients to monitor their credit for fraud[7].

Citations:

  1. https://healthitsecurity.com/news/karakurt-ransomware-group-targets-methodist-mckinney-hospital-in-cyberattack
  2. https://www.dmagazine.com/healthcare-business/2023/12/medical-citys-17m-womens-hospital-opens-in-mckinney-and-methodist-health-system-tops-out-celina-hospital/
  3. https://www.wfaa.com/article/news/health/collin-county-methodist-mckinney-hospitals-get-hacked-exposing-social-security-numbers-and-health-data/287-2b3dbfbc-7632-45e5-b003-41cc1c781dd7
  4. https://www.healthcareitnews.com/news/cyberattack-roundup-dna-data-auctioning-and-fourth-party-medicaid-breach
  5. https://www.jdsupra.com/legalnews/methodist-mckinney-hospital-announces-8569787/
  6. https://news.yahoo.com/worshippers-switching-congregations-amid-united-120710607.html
  7. https://www.cbsnews.com/texas/news/mckinney-hospital-surgical-centers-targeted-by-group-of-russian-hackers/
  8. https://www.sonomacountygazette.com/sonoma-county-news/a-deep-dive-into-the-petaluma-health-center-data-breach/
  9. https://www.paubox.com/blog/karakurt-ransomware-group-strikes-methodist-mckinney-hospital
  10. https://communityimpact.com/local-news/dallas-fort-worth/mckinney/news/healthcare/2019/03/18/sleep-lab-now-open-at-methodist-mckinney-hospital/
  11. https://www.hipaajournal.com/phi-exposed-methodist-mckinny-hospital-columbia-river-mental-health-services/
  12. https://www.dallasnews.com/business/health-care/2022/08/17/mckinney-area-hospitals-experience-data-breach/
  13. https://www.healthcareitnews.com/news/stolen-texas-health-data-may-be-posted-dark-web
Breach Submission Date Aug 26, 2022
Converted Entity Name Methodist McKinney Hospital
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 110,244
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes