On July 14, 2025, Cookeville Regional Medical Center (“CRMC”) became aware of suspicious activity on its computer network, indicating a data breach. Based on a subsequent forensic investigation, CRMC determined that cybercriminals infiltrated this inadequately secured network and gained access to its files between July 11, 2025 through July 14, 2025. The investigation further determined that, through this infiltration, cybercriminals potentially accessed and acquired files containing the sensitive personal information of 337,917 individuals.
The information potentially exposed in the data breach likely includes, but is not limited to:
- Names
- Addresses
- Dates of birth
- Social Security numbers
- Driver’s license numbers
- Financial account numbers
- Medical treatment information
- Health insurance information
As a result of the CRMC data breach, these individuals’ personal and highly confidential information may be in the hands of cybercriminals who can place the information for sale on the dark web or use the information to perpetrate identity fraud.
Murphy Law Firm is investigating claims on behalf of all individuals whose personal and confidential information was potentially compromised in the data breach. We are evaluating legal options, including a potential class action lawsuit, to recover damages for individuals who were affected by the Cookeville Regional Medical Center data breach.