A Cookeville ransomware attack has shaken Tennessee’s healthcare system after hackers targeted the Cookeville Regional Medical Center (CRMC). The cybercriminal group Rhysida claimed responsibility and published stolen patient records on the dark web.
Rhysida Group Leaks Sensitive Medical Data
The ransomware group Rhysida posted evidence of the breach on its dark web site. It published files allegedly stolen from CRMC, including patient names, insurance data, and diagnostic information.
Screenshots shared by Rhysida show scanned patient documents, identity cards, and internal forms. The group also published employee records, such as payroll documents and tax forms.
CRMC has not confirmed the full extent of the breach but acknowledged it experienced a ransomware attack in late August. The hospital has since launched an investigation with law enforcement and external cybersecurity firms.
Attack Timeline and Response
The hospital detected the incident on August 23rd. As a precaution, CRMC took many of its systems offline. Patient care continued, but delays and disruptions followed across departments.
On September 3rd, Rhysida listed CRMC as a victim and claimed to possess sensitive data. The attackers reportedly demanded a ransom, though it’s unclear whether CRMC engaged in negotiations.
Ongoing Risks in Healthcare
The Cookeville ransomware attack highlights the ongoing cybersecurity risks facing hospitals across the U.S. Healthcare data is highly valuable, and hospitals often lack strong cyber defenses.
Rhysida is a known ransomware-as-a-service (RaaS) group that previously targeted other public sector institutions. Its tactics include double extortion—demanding ransom while also threatening to leak stolen data.
Conclusion
The Cookeville ransomware attack serves as another warning about the growing threat to healthcare systems. As ransomware groups evolve, hospitals must invest in stronger security, employee training, and data protection. Failing to do so puts both patients and operations at risk.
0 responses to “Cookeville Ransomware Attack Disrupts Tennessee Medical Center”