In October, 2021, this site reported that Central Indiana Orthopedics (CIO) had promptly disclosed a data security incident involving Grief threat actors.
This week, CIO’s external counsel notified the Maine Attorney General’s Office about the incident, reporting that 83,705 patients were impacted, total. Types of information involved included name, address, Social Security number, and
limited health information. The practice is also offering those impacted mitigation services with IDX. More information can be found linked to the Maine AG’s Office.
Note that CIO’s notification does not make clear whether any ransomware was actually deployed or any files encrypted.