























Cookeville Regional Medical Center in Tennessee yesterday confirmed it notified 337,917 people of a July 2025 data breach that compromised the following personal info:
The hospital on July 15, 2025 said a ransomware attack disrupted CRMC’s computer systems.
A cybercriminal group called Rhysida took credit for the breach on August 2, 2025. On its data leak site, Rhysida demanded 10 bitcoin in ransom for data it claims to have stolen from CRMC, worth about $1.15 million at the time.
CRMC has not acknowledged Rhysida’s claim and Comparitech cannot independently verify it. We do not know if CRMC paid a ransom or how attackers breached its network. Comparitech contacted CRMC for comment and will update this article if it replies.
“On July 14, 2025, we discovered that we were the victim of a ransomware attack,” says CRMC’s notice to breach victims. “The forensic investigation determined that an unauthorized third party accessed our computer network and viewed or acquired certain files between July 11, 2025, and July 14, 2025.”
The hospital is offering breach victims one year of free identity theft protection through Experian.
Rhysida is a cybercriminal group that first surfaced in May 2023. Its ransomware can steal data and lock down targeted systems. It then demands a ransom both for deleting stolen data and for a key to restore infected devices. Rhysida operates a ransomware-as-a-service business in which affiliates pay Rhysida to use its malware and infrastructure to launch attacks and collect ransoms.
Rhysida claimed responsibility for 91 ransomware attacks in 2025. Of those attacks, 23 were confirmed by the targeted organizations. Rhysida’s average ransom is $1.2 million.
Rhysida took credit for six confirmed ransomware attacks against healthcare providers last year. In addition to CRMC, they include:
The cybercriminal group remains active in 2026 with six more attack claims to date. One of those has been confirmed so far.
Comparitech researchers logged 134 confirmed ransomware attacks on US hospitals, clinics, and other healthcare providers in 2025. Those attacks compromised 11.7 million records in total.
The CRMC is the eighth-largest such breach by number of records compromised.
Other recently-confirmed US healthcare data breaches include:
Ransomware attacks on US hospitals, clinics, and other care providers can steal data and lock down infected computer systems. They can cripple critical systems and endanger the health, privacy, and security of patients. Infected hospitals and clinics must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk. Hospitals and clinics might resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.
Cookeville Regional Medical Center is a 289-bed hospital in the Upper Cumberland region of Tennessee. Between July 2024 and June 2025, the hospital fielded 46,995 emergency room visits, 13,182 inpatient admissions, 186,935 outpatients visits, 36,841 urgent care visits, delivered 1,795 newborns, and performed 10,642 surgeries, according to its website. It employs 2,660 people, 285 of which are physicians.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。