Dark Overlords offer 500 patient records stolen from Athens Orthopedic Clinic on black market

The clinic traced the breach of nearly 400,000 thousand records to an external cyberattack against its EHR in which the hackers gained access to personal information by using third-party credentials. 
By Jeff Lagasse
10:38 AM
Share
Dark Overlords Athens Orthopedic

Approximately 500 patient records stolen from Athens Orthopedic Clinic have emerged on the black market by a group of hackers that goes by the name Dark Overlords, according to Keller Rohrback LLP. The legal firm is investigating reports of the breach involving some 397,000 current or former patients' information from Athens Orthopedic.

The breach happened as part of an external cyberattack on the clinic's electronic medical records using the credentials of a third-party vendor, Athens Orthopedic explained.

Hackers gained access to personal information including names, addresses, social security numbers, dates of birth and telephone numbers, and in some cases diagnoses and partial medical history. 

[Ransomware: Victims have small window of opportunity to stop an attack dead in its tracks]

"We apologize for the stress and worry this situation is causing our patients and their families,”the clinic wrote on its website.“To protect against such breaches in the future, Athens Orthopedic Clinic has retained cybersecurity experts to investigate and make recommendations for additional improvements to our system, and has begun implementing these recommendations.”

Athens Orthopedic Clinic is based in Georgia with more than a dozen other locations statewide, including Athens, Bethlehem, Commerce, Covington, Greensboro, Jefferson, Loganville, Madison, Monroe, Royston, and Snellville. AOC locations include Athens Orthopedic Clinics as well as work at the William Mulherin Surgery Center, Sports Performance and Rehabilitation Center (SPARC), and Athens Urgent Care.

Twitter: @JELagasse


Like Healthcare IT News on Facebook and LinkedIn