A cybersecurity expert found Cookeville Regional employee or patient information for sale Tuesday morning on the dark web, the part of the internet associated with illegal activities.
The expert provided screenshots to TheUCNow.Com of Tennessee drivers licenses, social security numbers, medical records, and tax records. The photos show clear images of people associated with Cookeville Regional.
The data was made available by someone who said they hacked the Cookeville Regional information. It is believed this is related to the network attack of the last several weeks.
In a statement Tuesday afternoon, Cookeville Regional’s Hannah Davis said the medical center is aware of claims that the third party responsible for the attack accessed sensitive information from the medical center’s computer systems. Davis said those claims are being investigated by the forensic security firm.
“We have notified law enforcement about the incident and will cooperate fully with them as they conduct their own investigation,” Davis said in a statement. “CRMC is also taking steps to reduce the risk of this type of incident occurring in the future, including enhancing its technical security measures.”
The dark web requires special browsers to access. Experts report it is often used as a clearinghouse for illegal-obtained information. It could include passwords, credit card information, and other materials. Normal search engines do not reach these areas.
“We will provide additional information to our patients and the community as appropriate based on our ongoing investigation,” Davis said.
Cookeville Regional has spent the last several weeks dealing with the ransomware attack believed to have been launched overseas.
