Attackers gained access to Integris Health’s network on 28 November 2023. On 24 December 2023, Integris discovered that patients were being directly contacted by the cybercriminal group and offered to pay $3 to view their stolen data or $50 to have it deleted, with a deadline of 5 January 2024. HHS OCR notified February 2024 of 2,385,646 individuals affected. Stolen data included names, contact information, dates of birth, demographic information, and SSNs. $30 million class action settlement reached. Novel tactic of directly extorting individual patients rather than only the breached organisation.