DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Three more medical practices hit by ransomware

Posted on August 10, 2020 by Dissent

Atlanta does not seem to be a safe place for cybersecurity of orthopedic patients’ data. In 2016, orthopedic clinics in Atlanta got clobbered by two big breaches involving thedarkoverlord. The first was a hack and extortion demand on Athens Orthopedic Clinic, an organization that had more than a dozen locations but somehow didn’t have enough insurance to offer their patients any complimentary credit monitoring services. We also learned about a second hack and extortion attempt by thedarkoverlord against Peachtree Orthopedic, who after initially (and falsely) claiming that I had my facts all wrong, finally disclosed their breach, only to have more than 500,000 patients’ data dumped by thedarkoverlord shortly thereafter.

Now another chain of Atlanta orthopedic centers has been hit by threat actors. This time, it is Piedmont Orthopedics / OrthoAtlanta that has been hit, and by Pysa (Mespinoza) threat actors.

Pysa threat actors list their “partners” as they call their victims.

The threat actors have already dumped more than 3.5 GB of data. Much of it is information about rentals and business aspects, but looking through the files, I found a number of highly detailed medical records on patients that include their name, date of birth, address and contact information, diagnosis, surgical details, laboratory tests, cardiograms, and insurance information — pages and pages of protected health information. The files may have been exfiltrated on July 11, looking at the time-stamps in the dumped archive.

There is no notice on the medical group’s website and nothing on HHS’s public breach tool at this time. DataBreaches.net sought a statement and additional details from the medical group but did not get a reply by publication time. This post will be updated if a reply is received.

But Piedmont Orthodpedics/OrthoAtlanta is not the only medical group to have been hit recently by ransomware. The Center for Fertility and Gynecology in California and Olympia House Rehab, also in California, have both been recently hit by Netwalker ransomware. Neither one of those latter entities has any notice on their web sites, and the attackers have not yet dumped any of their data, although they have posted some screenshots as proof of access and are threatening to dump data soon if their victims don’t pay up.

DataBreaches.net also reached out to the Netwalker victims  for additional details and any statement, but also received no reply from them by publication time.

 

Category: Breach IncidentsHealth DataMalwareOf NoteU.S.

Post navigation

← Travelex Forced into Administration After Ransomware Attack
Ashley County Medical Center investigates former employee accused of violating federal privacy laws →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.