2 minute read

OKLAHOMA CITY (Free Press) — Northcare sent an email to all of its patients Friday informing them that their computer network had been the target of a ransomware attack and patient records were accessed.

Northcare is a mental health, substance abuse, and family counseling nonprofit with several locations in Oklahoma City and Logan County.

Ransomware is where hackers gain access to a network, harvest information that they can sell, then encrypt the entire network. They require a ransom from the network owner in order to get access to their information again.

According to the email, patient information the hackers gained access to were:

  • Full name
  • Social Security number
  • Address
  • Date of birth
  • Medical diagnosis

The email says a “forensics analysis” is still under way to clarify the extent of the damage.

Once the investigation is complete, individual letters will be sent to the patients whose information was accessed.

Northcare has set up a 1-800 number for patients. It’s 855-923-3861. Patients can call between 8:00 a.m. and 5:00 p.m. CST Monday through Friday.

The Northcare spokesperson who is handling inquiries about the incident did not respond to email, a phone call, or voicemail by publication Friday afternoon.


According to the email to patients, Northcare first discovered “unusual activity” on it’s computer network June 1. An internal investigation revealed that the hackers had been at work in the network since May 29.

The email says that during that three-day period Northcare discovered the attack and the attempt to encrypt the company’s information. Once the attack was discovered, “steps were taken to contain it ….”

According to the company, they were able to lock out the attack and restore their network and data from backups. They are limiting access to their network at the present.

The email reads: “Because the attackers had access to unsecured data on NorthCare’s computer network, NorthCare has concluded that the attackers may have gained unauthorized access to the personal health information of past and current patients.”

In the email, Northcare said that they are now working with “forensic experts” and have contacted the Federal Bureau of Investigation (FBI).

“To help protect the identity of those impacted by this security incident, we are offering complimentary access to identity monitoring, fraud consultation, and identity theft restoration services,” the email read.

Last Updated July 30, 2021, 6:16 PM by Brett Dickerson – Editor