DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NM: Dr. Zachary E. Adkins DDS, LLC notifies patients of stolen hard drive

Posted on January 25, 2018 by Dissent

Dr. Zachary E. Adkins DDS (“Dr. Adkins”) of Albuquerque New Mexico has advised its patients of a privacy event that may have compromised certain personal information. The events are the result of criminal activity.

On November 30, 2017, a laptop bag containing an external hard drive from Dr. Adkins’ office was stolen. The hard drive contained backup files from two programs used in his office – Florida Probe and Dentrix. The files in the Florida Probe backup were unencrypted, but contained only limited information of patient names and corresponding teeth pocket depth measurements that are used for periodontal exams. The files in the Dentrix backup contained patient names, addresses, phone numbers, dates of birth, Social Security numbers, treatment information, and insurance information. The Dentrix backup is protected within the software through Dentrix’s data-masking techniques that use cryptographic technology. It would be accessible only to someone who had the Dentrix software along with Dr. Adkins’s unique software serial number and Dr. Adkins’s Dentrix username and password. No financial information, bank account information, or credit card numbers are kept on file by Dr. Adkins, so none of that information has not been compromised as a result of this incident.

Since Dr. Adkins has not yet been able to recover the stolen hard drive, he is unable to confirm whether the criminal actually accessed or acquired any patient information. However, out of an abundance of caution, Dr. Adkins has notified all potentially affected individuals about the issue and offered them free identity theft protection services. Dr. Adkins also reported the incident to law enforcement and will continue cooperating with any investigation.

“We take great pride in providing excellent quality dentistry with integrity and compassion. We take patient privacy very seriously, and we are very sorry for any concern or inconvenience this incident has caused or may cause anyone who has been affected,” said Dr. Adkins.

Those who believe they may have been affected by this incident may call Dr. Adkins’s dedicated, toll-free incident response hotline at (800) 310-0268 for more information.

Dr. Adkins is a dental provider located in Albuquerque, New Mexico that provides preventative, rehabilitative, and cosmetic dental services.

Source: Zachary E. Adkins, DDS

Update:  So I wasn’t believing the reassurances about how Dentrix protected the patient data. Specifically, where the dentist claimed:

[The data in Dentrix] would be accessible only to someone who had the Dentrix software along with Dr. Adkins’s unique software serial number and Dr. Adkins’s Dentrix username and password.

So I reached out to Justin Shafer, who has done a lot of research on Dentrix security, including reporting vulnerabilities in their software to the government.  Shafer and I had collaborated on a complaint to the FTC about Schein advertising an early version of Dentrix as providing “encryption.” But even now, this dentist, while not claiming the data “encrypted,” is claiming that you’d need things you reportedly do not need to access the data on the stolen drive.

Shafer explains what he believes is wrong with the dentist’s reassurances in a blog post on his blog.


Related:

  • Paying cyberattackers is wrong, right? Should Taos County's incident be an exception?
  • HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan
  • Two more entities have folded after ransomware attacks
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
Category: Health DataTheft

Post navigation

← Kansas website exposed state employees’ personal information: report
Former employee of Veterans Affairs indicted for attempted sale of personal info of veterans and employees →

1 thought on “NM: Dr. Zachary E. Adkins DDS, LLC notifies patients of stolen hard drive”

  1. Anonymous says:
    January 26, 2018 at 3:28 am

    Someone wrote a blog post about this:
    http://justinshafer.blogspot.com/2018/01/someone-had-their-hard-drive-stolen.html

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.