DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NM: Dr. Zachary E. Adkins DDS, LLC notifies patients of stolen hard drive

Posted on January 25, 2018 by Dissent

Dr. Zachary E. Adkins DDS (“Dr. Adkins”) of Albuquerque New Mexico has advised its patients of a privacy event that may have compromised certain personal information. The events are the result of criminal activity.

On November 30, 2017, a laptop bag containing an external hard drive from Dr. Adkins’ office was stolen. The hard drive contained backup files from two programs used in his office – Florida Probe and Dentrix. The files in the Florida Probe backup were unencrypted, but contained only limited information of patient names and corresponding teeth pocket depth measurements that are used for periodontal exams. The files in the Dentrix backup contained patient names, addresses, phone numbers, dates of birth, Social Security numbers, treatment information, and insurance information. The Dentrix backup is protected within the software through Dentrix’s data-masking techniques that use cryptographic technology. It would be accessible only to someone who had the Dentrix software along with Dr. Adkins’s unique software serial number and Dr. Adkins’s Dentrix username and password. No financial information, bank account information, or credit card numbers are kept on file by Dr. Adkins, so none of that information has not been compromised as a result of this incident.

Since Dr. Adkins has not yet been able to recover the stolen hard drive, he is unable to confirm whether the criminal actually accessed or acquired any patient information. However, out of an abundance of caution, Dr. Adkins has notified all potentially affected individuals about the issue and offered them free identity theft protection services. Dr. Adkins also reported the incident to law enforcement and will continue cooperating with any investigation.

“We take great pride in providing excellent quality dentistry with integrity and compassion. We take patient privacy very seriously, and we are very sorry for any concern or inconvenience this incident has caused or may cause anyone who has been affected,” said Dr. Adkins.

Those who believe they may have been affected by this incident may call Dr. Adkins’s dedicated, toll-free incident response hotline at (800) 310-0268 for more information.

Dr. Adkins is a dental provider located in Albuquerque, New Mexico that provides preventative, rehabilitative, and cosmetic dental services.

Source: Zachary E. Adkins, DDS

Update:  So I wasn’t believing the reassurances about how Dentrix protected the patient data. Specifically, where the dentist claimed:

[The data in Dentrix] would be accessible only to someone who had the Dentrix software along with Dr. Adkins’s unique software serial number and Dr. Adkins’s Dentrix username and password.

So I reached out to Justin Shafer, who has done a lot of research on Dentrix security, including reporting vulnerabilities in their software to the government.  Shafer and I had collaborated on a complaint to the FTC about Schein advertising an early version of Dentrix as providing “encryption.” But even now, this dentist, while not claiming the data “encrypted,” is claiming that you’d need things you reportedly do not need to access the data on the stolen drive.

Shafer explains what he believes is wrong with the dentist’s reassurances in a blog post on his blog.

Category: Health DataTheft

Post navigation

← Kansas website exposed state employees’ personal information: report
Former employee of Veterans Affairs indicted for attempted sale of personal info of veterans and employees →

1 thought on “NM: Dr. Zachary E. Adkins DDS, LLC notifies patients of stolen hard drive”

  1. Anonymous says:
    January 26, 2018 at 3:28 am

    Someone wrote a blog post about this:
    http://justinshafer.blogspot.com/2018/01/someone-had-their-hard-drive-stolen.html

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.