Orthopedic Group is notifying its patients that their personal health information
was compromised during a November 2019 malware incident.
not specify what type of attack took place, but in a letter to patients the
the PHI of both current and former patients was either exposed or damaged beyond
recovery. The information includes names, address, telephone number, diagnosis
and treatment information. Fondren does not believe the information was exfiltrated.
The group will begin rebuilding its database by having its patients fill out
new forms during their next visit.
is reporting 34,049 patients are affected.
Fondren did not indicate the data was destroyed as a result of a ransomware
attack, there is an on-going trend among cybercriminals using this type of
attack where they wait many month to begin exposing data or start to make the
stolen data public in order to encourage the victim to pay.