The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has notified 38,765 patients that some of their protected health information has potentially been compromised in a cyberattack that occurred on or around July 11, 2022. A team of external cybersecurity experts was engaged to assist with the investigation and remediation efforts, and its systems were successfully restored within a few days without causing any material delays to clinical care.
PSRSG said numerous security measures had been implemented prior to the attack, but the attackers were able to circumvent those defenses. Steps have since been taken to enhance security to prevent similar breaches in the future. The forensic investigation confirmed the attacker had access to its systems for around a week before the intrusion was detected and blocked.
It was not possible to determine which files were accessed or if any sensitive information was stolen in the attack, but the attacker claimed to have stolen sensitive data from its systems and threatened to release that information publicly. A review of the files on the compromised systems confirmed they contained protected health information, which included names, birth dates, contact information, Social Security numbers, driver’s license numbers, treatment information, guarantor information, and insurance information. The types of data in the files varied from individual to individual. PSRSG said affected individuals have been notified and offered free credit monitoring and identity theft insurance through Experian, “solely to give patients peace of mind.”
One Medical, Inc. Confirms Hacking Incident and Potential Data Breach
The Sherman, TX-based healthcare provider, One Medical Inc., has recently confirmed that it was the victim of a cyberattack in which names, addresses, medical information, and Social Security numbers were potentially compromised. The data breach was reported to the Attorney General of Texas on September 9, 2022, as a hacking incident. Limited information is currently available, but the breach appears to have affected at least 964 Texas residents.
This is the second data breach to have hit the firm in the past year or so. In July 2021, One Medical reported an email error in which the PHI of 1,009 individuals was impermissibly disclosed.