The FBI told Oregon Anesthesiology Group that a Ukrainian hacking group had an account that contained sensitive OAG patient and employee files.
Article Link: Oregon medical group notifies 750,000 patients of breach, says FBI seized accounts from HelloKitty ransomware | ZDNet