Patients of Integris Health in Oklahoma have been targeted by extortion emails claiming that their personal data was stolen in a cyberattack on the healthcare network. The hackers threatened to sell the stolen data to other threat actors if a ransom was not paid. The healthcare network confirmed the cyberattack in November and acknowledged that patient data was stolen. The extortion emails contained accurate personal information, including Social Security Numbers, dates of birth, addresses, phone numbers, insurance information, and employer information. The hackers provided a link to a Tor extortion site listing the stolen data and allowing visitors to pay to delete or view the records. Integris Health has warned recipients not to respond or click on any links in the emails. The attack on Integris Health is believed to be similar to the ransomware attack on Fred Hutchinson Cancer Center, with the threat actors using the exposed data for potential identity theft. However, paying a ransom does not guarantee the deletion of data and may result in further extortion attempts.