OKLAHOMA CITY (KFOR) – NorthCare Mental Health Clinics in Oklahoma City and Tulsa have suffered ransomware attacks in recent weeks amid a flurry of them in the state.
It’s unclear how many patients were impacted or how much of their sensitive personal data was taken. A ransomware attack could mean the theft of things like health records, Social Security numbers, birth dates and insurance information. During the attack, officials with the company said they refused to pay the ransom.
Two of NorthCare Mental Health Clinic’s five locations were actually shut down for almost a week due to the attack. They are just now starting to recover by getting their systems back online and slowly in segments.
“I think this is a company’s worse nightmare,” said Tonya Ratcliff with NorthCare Marketing and Communications.
It’s a nightmare they are just now waking up from after the ransomware attack in early June. Hackers took data and shut down almost their entire operation.
“We weren’t able to have that online presence and the need to be able to conduct that online business,” Ratcliff said. “They tried to absolutely eliminate and destroy everything.”
Ratcliff said the hackers weren’t completely successful. She also said they are one of eight recent ransomware attacks on Oklahoma organizations and companies.
“There’s no organization or company that can completely eliminate the risk of a cyber-attack,” Ratcliff said.
“I think it probably happens more often than people think,” said Patrick Allmond with Focus Marketing.
This comes after a ransomware attack on the entire city of Tulsa. The attack shut down several of the cities services, including police body cams and certain utilities.
“Often times they really do succeed,” Allmond said.
According to Allmond, big companies may be targeted, but it can happen to any individual. He also said hackers are very hard to track.
“As always, make sure your personal information is secure also,” Allmond said. “Your hacker could be 20 feet away from you in the house next door or your hacker could be a couple of countries away from you.”
Ratcliff though said she’s just thankful because it could have been worse if not for their IT team isolating the incident and taking care of it.
“We feel certain that we have done everything physically possible to this point to eliminate another attack,” she said. “It’s tragic and it’s not something that anyone is happy about.”
Be sure to get fresh headlines delivered to your inbox weekday mornings! You can also sign-up for breaking email alerts! KFOR.com/Newsletters
It should be noted that all NorthCare locations are open and they are slowly rolling back out their system. KFOR sent state officials an email asking what they have in place to protect against this. Their response can be read below:
“The state has made multiple investments in technology to prevent these types of attacks from succeeding. The most effective defense in protecting against ransomware remains in educating our end users and the general public. The most common ways ransomware gets into environments are either from someone going to a website with malicious software or by falling victim to a phishing email and either clicking on a link to a website with malicious software or providing their credentials on a website that harvests them for later use. Our OMES Cyber Command team encourages state employees to be vigilant; inspect any links they receive in email for typos and unrecognized domains and only click on those links and open attachments if they are expecting them from trusted sources. We also send frequent reminders to use unique passwords and require password updates be made frequently.”CADEN CLEVELAND, OKLAHOMA OFFICE OF MANAGEMENT AND ENTERPRISE SERVICES