Columbus Regional Healthcare System's May 2023 data breach has affected 132,000 people, Cybernews reported Jan. 22.
The Whiteville, N.C.-based health system filed a notice with the attorney general in Maine on Jan. 19 stating that the incident compromised patients' names and Social Security numbers. The health system experienced unauthorized access of its computer network between May 19 and 21 but said in a notice posted on its website it wasn't able to confirm the breach and its extent until December.
This comes after ransomware group Daixin claimed responsibility for the attack, asserting its intention to release stolen data due to unmet payment demands. Reports suggested that Columbus Regional initially considered negotiations but was unable to meet Daixin's $2 million demand.
These reports have not been verified by the hospital, according to the report.
In the Jan. 19 notice on its website, Columbus stated that it is "not aware of any reports of identity fraud or improper use of any information as a direct result of this incident."