Cookeville Regional Medical Center breach impacted over 337,000 individuals

Tennessee-based Cookeville Regional Medical Center said a major data breach in July 2025 compromised the personal, healthcare and financial information related to as many as 337,917 individuals.

 

In a data security incident notice posted on its website, the medical centre announced this week that the cyber security incident involved unauthorised actors accessing its computer network between July 11, 2025, and July 14, 2025, and exfiltrating vast amounts of data it stored about its patients.

 

The malicious activity was discovered on July 14, following which the medical centre immediately severed the unauthorised access, notified law enforcement agencies and launched an investigation with help from a forensic security firm into the cyber security incident to determine what had occurred.

 

Operating since 1921, Cookeville Regional Medical Center is a 289-bed referral healthcare facility located in Cookeville, Tennessee with over 2,400 employees and 200 medical staff members serving the Upper Cumberland region.
 
The medical centre’s investigation revealed that unauthorised actors had accessed its computer network, following which it conducted a comprehensive review of the affected files to determine the nature of data accessed by the hackers. The review found that malicious actors had accessed and copied patients’ sensitive personal, healthcare and financial information.

 

The compromised data included patients’ names, addresses, dates of birth, Social Security numbers, driver’s license numbers, financial account numbers, medical treatment information, medical record numbers, and/or health insurance policy information. 

 

In a data security incident notification filed with the office of the Attorney General of Maine, Cookeville Regional Medical Center announced that the cyber incident compromised the information of as many as 337,917 patients.

 

"CRMC is committed to maintaining the privacy and security of the information entrusted to it. CRMC has taken, and is taking, additional steps to help reduce the likelihood of a similar event from happening in the future, including by enhancing its technical security measures," the medical centre said.

 

Cookeville said it has no evidence of the stolen information being misused by malicious actors, but as a precaution, it is offering complimentary identity theft protection services for individuals whose Social Security numbers and/or driver’s license numbers were stolen during the incident.