DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

MO: Tague Family Practice patient records stolen and leaked

Posted on April 6, 2022 by Dissent

Tague Family Practice (TFP) in St. Louis, Missouri is a primary care practice that strives to maintain the traditional care model of a doctor who spends time getting to know you and providing preventative care as well as care for acute problems or chronic conditions.

On some date unknown to DataBreaches.net, the practice fell victim to a LockBit ransomware attack.

On March 17, the threat actors added TFP to their leak site. More recently, they dumped data that certainly appears to be from the practice.

DataBreaches.net did not download or examine all of the files, but sampled from some of them. The files pretty much all contained personal and protected health information, and much of it was sensitive. The dump did not seem to be of any organized EMR system, but may have been from a backup, with subfolders on billing, processed claims, labs, other patient-related records. Personal information on employees was also included, but DataBreaches.net did not see any payroll or tax records in the brief review of files.

Termination of Care Letter
As proof of claim, LockBit posted the unredacted version of this letter to a patient saying that they would have to find another doctor because Dr. Tague would no longer treat them.

 

 

Request for records
The state sought the records of a patient who had serious health issues, as identified in this letter. Redacted by DataBreaches.net.

This incident does not appear on HHS’s public breach tool at the time of this posting. DataBreaches.net does not know how many patients had their data accessed and/or acquired. The medical practice has not responded to multiple inquiries sent to it over the past three weeks. As one consequence, DataBreaches.net does not know whether the practice has sent any notification letters to patients and to what extent the practice might have been impacted by any file encryption or corruption. There is nothing on the practice’s website to suggest that there had been any interruption in services.

This post may be updated when more information becomes available.

If you are a patient of Tague Family Practice, please contact this site to let us know if you have received any notification of a data security incident affecting your information.

Related posts:

  • Forbes Breach Email Statistics
  • Dual Russian And Israeli National Extradited To The United States For His Role In The LockBit Ransomware Conspiracy
  • Two Foreign Nationals Plead Guilty to Participation in LockBit Ransomware Group
  • TeamGhostShell posts “master list” of 548 leaks (so far)
Category: Breach IncidentsHealth DataMalwareU.S.

Post navigation

← APT10: These sneaky hackers hid inside their victims’ networks for nine months
Would Sea Mar Community Health even know about large patient data dumps if not for DataBreaches.net? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.