In the latest significant breach, ransomware strikes the healthcare industry yet again. On Thursday, it was announced that Jefferson Dental and Orthodontics, of Texas, was the victim of a breach reported to affect over 1,026,820 patients across their 72 office locations in the state. The actual breach was discovered in August.
The breach was reported following the new Texas law that took effect in September 2021 and requires companies to report breaches that affect 500 or more individuals to the Texas Attorney General’s Office. The Jefferson Dental and Orthodontics breach marks the largest breach reported so far. Part of the new law requires reporting to this website, where all breaches within the state can be viewed.
Early findings show no evidence that the information acquired was used maliciously.
Isn’t it interesting that these breaches seldomly report that their data was extracted and used maliciously 🤔?
Compromised data included driver’s license numbers, health insurance information, Social Security numbers, and other miscellaneous patient financial information.
The clinic first completed its investigation and then notified patients with letters regarding the breach beginning in January 2022.
This breach follows a pattern of cyber actors targeting the healthcare industry for as long as ransomware has been in existence. The combination of sensitive information and (sometimes) poor technology practices makes the healthcare industry a prime target. Victims (the patients) are often unaware or ignore notifications that their information has been breached. It’s common for victims to receive mail notifying them of the breach, only to throw away or ignore the mail altogether.
As an individual and a business, stay vigilant and stay informed. Your information is always at risk. If PK Tech can support the IT security efforts of your business, get in touch with our team here.