Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Cookeville Regional Medical Center (CRMC) hit by ransomware attack

Incident
First reported
Last updated
Happening score
H score 25
2 unique sources, 2 articles

Summary

Hide ▲

The Cookeville Regional Medical Center (CRMC) suffered a ransomware attack that caused a network intrusion and a major data breach affecting more than 337,000 individuals. CRMC discovered the intrusion on July 14, 2025 after files had already been stolen in the prior days. The compromised records could include SSNs, financial account numbers, and medical information, creating ongoing privacy and identity risk.

Related Happenings

American Lending Center hit by ransomware attack

Incident
First: 15.05.2026 14:06 Last: 15.05.2026 14:06 Sources 1

About this happening: The **American Lending Center** confirmed a **ransomware breach** that may have exposed personal data for **more than 123,000 individuals**, including **names, dates of birth, and...

Open Happening

Cookeville Regional Medical Center patient records leak

Data Leak
First: 16.04.2026 18:01 Last: 16.04.2026 18:01 Sources 1

How related: Files were accessed or acquired by an unathorized party between July 11 and July 14, 2025, according to a filing with the Maine Attorney General's Office.

About this happening: **Cookeville Regional Medical Center** disclosed a **data leak** affecting **337,917 patients**, exposing personal and medical records and raising identity-theft risk. Files were...

Open Happening

Cookeville Regional Medical Center data leak on Rhysida leak site

Data Leak
First: 16.04.2026 15:40 Last: 16.04.2026 15:40 Sources 1

How related: However, they claim they did not find a buyer, and they apparently made the stolen data freely available for download.

About this happening: The **Rhysida** group’s posting of **Cookeville Regional Medical Center (CRMC)** data exposed sensitive personal, financial, and medical records tied to **more than 337,000 people...

Open Happening

Ingram Micro hit by ransomware attack

Incident
First: 19.01.2026 15:33 Last: 19.01.2026 15:33 Sources 1

About this happening: **Ingram Micro** disclosed a **ransomware attack** that led to **unauthorized file theft** from internal repositories and a breach affecting **over 42,000 individuals**. The incid...

Open Happening

Sax LLP hit by network compromise

Incident
First: 29.12.2025 17:40 Last: 29.12.2025 17:40 Sources 1

About this happening: **Sax LLP** is notifying **over 220,000 individuals** after a **cyberattack** compromised **sensitive personal data**, creating identity-theft risk from a long-undisclosed breach....

Open Happening

Timeline

  1. 16.04.2026 18:01 1 articles · 1mo ago

    Rhysida claims CRMC ransomware intrusion

    Attribution Update

    Rhysida claimed responsibility for the Cookeville Regional Medical Center ransomware intrusion on August 2, 2025, demanded 10 Bitcoin worth roughly $1.15m, and posted sample files on its dark web leak site.

    Show sources
    Open in new tab
  2. 16.04.2026 18:01 2 articles · 1mo ago

    CRMC begins breach notifications for 337,917 affected individuals

    Initial Disclosure

    Cookeville Regional Medical Center began mailing breach notification letters on April 14, 2026 after a July 2025 ransomware attack that affected 337,917 individuals; a filing with the Maine Attorney General's Office said files were accessed or acquired by an unauthorized party between July 11 and July 14, 2025, and the exposed data may include names, addresses, dates of birth, Social Security numbers, driver's license numbers, financial account details, medical record numbers, treatment information and health insurance data. CRMC also offered 12 months of free identity theft protection through Experian.

    Show sources
    Open in new tab
  3. 16.04.2026 15:40 1 articles · 1mo ago

    CRMC detects network intrusion

    Detection Ioc Update

    Cookeville Regional Medical Center in Tennessee discovered a network intrusion on July 14, 2025, and investigators determined that certain files had already been stolen in the prior days during a ransomware attack.

    Show sources
    Open in new tab
  4. 16.04.2026 15:40 1 articles · 1mo ago

    CRMC discloses breach scope and affected data

    Victim Impact Update

    Cookeville Regional Medical Center told the Maine Attorney General’s Office on April 16, 2026 that the breach affects more than 337,000 individuals, that it had no evidence any information was misused, and that the compromised files could include names, dates of birth, addresses, SSNs, driver’s license numbers, financial account numbers, medical treatment information, and health insurance policy information.

    Show sources
    Open in new tab