The Yuma Regional Medical Center (YRMC) in Arizona has released details of a ransomware attack that affected their systems in April. According to the notification letter sent to customers, over 700,000 patients had their Social Security Number (SSN) leaked in the attack. Along with SSNs, other data that was potentially accessed includes health insurance information, names, and limited medical data about the customers. No ransomware group has claimed responsibility for the attack, but if it was a group that uses leaked data as a way to force victims into paying ransom, it is likely the data will be posted publicly.
Data theft is a common tactic used by ransomware operators to force victims into paying the ransom. Customers that have received a notification about being part of the breach should ensure that they follow mitigation steps in order to protect themselves. This includes setting up credit monitoring to make sure that if the data gets leaked, no one can fraudulently open accounts using their Social Security Number.