Yearlong breach at Maryland orthopedic group exposed info of 125,000 people

Alan Condon -   Print  |

The information of more than 125,000 people had been exposed for a year by the time Bethesda, Md.-based Centers for Advanced Orthopaedics found that it had been the victim of a cyberattack this year, the centers recently informed patients and members of its employee health plan.

On Sept. 17, 2020, the practice identified unusual email activity and launched an investigation into the incident with assistance from cybersecurity experts. On March 25, the group began notifying 125,291 patients, employees and dependents of the cyberattack.

"Multiple employee email accounts were subject to unauthorized access between October 2019 and September 2020," the practice said in a news release. Centers for Advanced Orthopaedics subsequently initiated a data-mining effort to identify potentially affected individuals.

The practice on Jan. 25 determined that protected health information was contained in emails accessible to the cybercriminal, but said it cannot confirm whether this information was accessed or acquired by the individual.

Information exposed in the hacks may include Social Security numbers, passport number and financial account information. 

The practice said it is reviewing policies and procedures, assessing its security infrastructure and installing additional safeguards to protect against future cyberattacks.

More articles on practice management:
Which spine procedures are surgeons migrating to the ASC in 2021?
The next 3 years in spine: What will gain ground on fusion?
5 ways spine surgery is changing: ASCs, endoscopic surgery & more

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies here.

Featured Webinars

Featured Whitepapers