Over 337K affected by Cookeville Regional Medical Center hack

Tennessee-based Cookeville Regional Medical Center had information from 337,917 patients compromised following a ransomware attack last July that has been claimed by the Rhysida ransomware-as-a-service operation, according to Infosecurity Magazine.

Infiltration of systems between July 11 and July 14, 2025 allowed threat actors to access or acquire individuals' names, birthdates, Social Security numbers, addresses, financial account details, treatment information, medical record numbers, and health insurance data, said CRMC in a filing with the Office of the Maine Attorney General. All impacted patients will be eligible for a year's worth of complimentary identity theft protection services. Whether CRMC had paid the nearly $1.15 million worth of Bitcoin demanded by Rhysida remains uncertain but the healthcare provider disclosed implementing additional safeguards in the wake of the intrusion.

CRMC's disclosure comes after Rhysida claimed attacks against Alabama's Heart South Cardiovascular Group, California's MACT Health Board, Texas' Spindletop Center, Maryland's MedStar Health, and Florida Lung, Asthma & Sleep Specialists.