DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Rape & Brooks Orthodontics notifies 20,744 patients that their information was on stolen server

Posted on May 4, 2011 by Dissent

Rape & Brooks Orthodontics, P.C., a multi-office Alabama practice specializing in braces for children and adults, recently notified 20,744 patients that burglars had broken into their Centerpoint, Alabama office and stolen some equipment, including a server that held personal and protected health information on patients who had been seen over the last 30 years by Rape & Brooks Orthodontics, PC; Luther T. Cale & W. Gregory Rape, Orthodontics, PC; St. Clair Orthodontics, LLC and Luther T. Cale, DMD Orthodontics, PA.

According to a statement on their web site dated March 4, the theft was discovered on the morning of February 4. Information on the server included the names of patients and account holders (e.g., the parent) as well as their addresses and the minors’ date of birth. For those account holders who provided insurance information, their Social Security number and date of birth may also be part of this data. Social Security numbers of minor children were not stored on the server, but the orthodontists note that for those patients who had insurance under AllKids with Blue Cross & Blue Shield of Alabama, their SSN might be part of their insurance information.

Some credit card numbers were also stored on the server for a “small and select number of account holders.”

In addition to the server containing so much unencrypted personal information, several computers and external drives were taken contained facial and intraoral photographs of patients. The statement notes that “The license for the software necessary to view these photographs has been canceled, so these photos should no longer be accessible by anyone.”

The Jefferson County Sheriff’s Department was notified of the theft.

You can read their statement on their web site, replete with self-serving statements that might falsely reassure patients who should be taking steps to protect themselves. There is also a companion FAQ. The doctors do not offer their patients any free credit-monitoring or credit restoration services.


Related:

  • Two more entities have folded after ransomware attacks
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
  • Missouri Adopts New Data Breach Notice Law
Category: Breach IncidentsHealth DataTheftU.S.

Post navigation

← Laptop stolen from contractor’s car affects 1,700 who sought to adopt children through Catholic Social Services
(Follow-up) HI: Former beauty queen sentenced to 20 years in prison for ID theft →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Wiretap Suits Pit Old Privacy Laws Against New AI Technology
  • Action against tiny Scottish charity sparks huge ICO row
  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.