Integris Health, Oklahoma's largest not-for-profit health system, experienced a significant cyberattack in November 2023, which was publicly disclosed in December 2023. The incident involved unauthorized access to sensitive patient data, leading to hackers directly contacting affected individuals via email with extortion demandsβtypically $50 to prevent the sale of their information on the dark web. The breach compromised personal information such as full names, dates of birth, addresses, phone numbers, email addresses, demographic details, Social Security numbers, and some medical records.In February 2024, Integris Health officially reported the breach to the U.S. Department of Health and Human Services (HHS), confirming that it impacted approximately 2.39 million individualsβpredominantly patients, with about 90% residing in Oklahoma. Notifications to affected patients were ongoing into 2024, as the health system reviewed stolen files and provided credit monitoring services to those at risk. The FBI became involved, seeking victims to assist in the investigation, as the attackers had initially demanded a ransom from Integris, which the organization refused to pay.The incident has led to multiple class-action lawsuits against Integris Health, alleging negligence in cybersecurity measures and delays in notifying victims. As of mid-2024, some lawsuits were ongoing, while others faced dismissal attempts. No major updates or resolutions have been reported in 2025, and there are no indications of a new breach at Integris this year.This event exemplifies the persistent vulnerabilities in the healthcare sector, which has been a prime target for cybercriminals due to the high value of medical data on the black market. In the first half of 2024 alone, healthcare data breaches affected over 100 million individuals across the U.S., with Integris ranking among the top 10 largest incidents. As of July 2025, the sector continues to face elevated risks, with reports of new attacks on providers like Change Healthcare (affecting up to one-third of Americans in early 2024) and ongoing threats from ransomware groups. These incidents highlight systemic issues, including outdated IT infrastructure, third-party vendor risks, and insufficient investment in cybersecurity, contributing to a year-over-year increase in breach frequency and scale.