Cookeville Regional Medical Center hospital data breach impacts 337,917 people

Security Affairs
Actively Exploited

Overview

Cookeville Regional Medical Center in Tennessee suffered a significant ransomware attack that compromised the data of approximately 337,917 individuals. The attack, attributed to the Rhysida hacking group, resulted in the theft of around 500GB of sensitive information from the hospital's systems. This breach raises serious concerns about patient privacy and data security in healthcare settings. The stolen data could include personal health information, which could be exploited for identity theft or other malicious purposes. Affected individuals may need to monitor their accounts closely and remain vigilant against potential phishing attempts or fraud.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Cookeville Regional Medical Center systems, patient data, sensitive health information
  • Action Required: Affected individuals should monitor their financial accounts and report any suspicious activity.
  • Timeline: Disclosed in October 2023

Original Article Summary

A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems. A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved […]

Impact

Cookeville Regional Medical Center systems, patient data, sensitive health information

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Disclosed in October 2023

Remediation

Affected individuals should monitor their financial accounts and report any suspicious activity. The hospital may also implement enhanced security measures and provide identity theft protection services to those impacted.

Related Topics: This incident relates to Ransomware, Phishing, Data Breach.
