The types of personal and/or medical information that may have been accessible by the unauthorized actor included: consultation notes, medical history, surgical operative notes, date of birth, and name.
SOURCE JEV Plastic Surgery and Medical Aesthetics, LLC
As is often (too often?) the case, the notice does not indicate who the threat actors were/are and whether any ransom demand was issued — or paid. So far, this incident has not shown up on any ransomware leak site or on HHS’s public breach tool.
