Debra Heaton thinks Clarksville Surgical Associates should do more after she and other patients received letters this week informing them some of their personal information may have been exposed.
AdvertisementBut Dr. Steven Daugherty, owner of the practice, said by mailing 14,500 letters to clients, he has gone “above and beyond” what the law requires when sensitive information like Social Security numbers are potentially accessed over the Internet.
While it doesn’t appear any information has been improperly obtained, there’s no way of absolutely knowing, so he sent letters to alert patients of the potential breach so they can take precautions “they should already be doing.”
[…]
Daugherty said an information technology contractor “left a flaw” in a computer program for his office that allowed a “robot computer” to gain access to the system.
He said a robot is remotely programed to continuously search the Internet for certain information. Once that information is found, the robot tries millions of password combinations until it gains access.
A forensic IT specialist discovered that such a breach happened with Surgical Associates’ computer system and fixed the problem, Daugherty said.
“We don’t have any evidence that any information was downloaded,” he said, adding that the computer system contains no credit card numbers, bank numbers or driver’s license information.
Read more in The Leaf Chronicle.