Central Indiana Orthopedics & Duncan Regional Hospital Report 80K-Record Data Breaches

Share this article on:

Cyberattacks have been reported by Duncan Regional Hospital in Oklahoma and Central Indiana Orthopedics that have affected a total of 170,084 individuals.

Duncan Regional Hospital

Duncan Regional Hospital has recently announced it was the victim of a cyberattack in January. The incident was detected on January 20, 2022, when suspicious activity was identified in some of its IT systems. All systems were immediately taken offline to prevent further unauthorized access and a third-party computer forensics firm was engaged to determine the nature and scope of the breach.

Duncan Regional Hospital said the hackers did not gain access to its electronic medical record system but did access parts of the network where files containing patient data were stored. Those files contained patient names, addresses, phone numbers, dates of birth, Social Security numbers, appointment information such as dates of service and healthcare provider names, and limited treatment information.

Steps have been taken to improve security and prevent further attacks, including an organization-wide password reset and implementing new endpoint threat detection and response monitoring software and more robust firewall restrictions. Affected individuals have been notified and offered complimentary credit monitoring and identity protection services.

The incident has been reported to the HHS’ Office for Civil Rights as affecting 86,379 patients.

Central Indiana Orthopedics

Earlier this month, Central Indiana Orthopedics announced it was the victim of a cyberattack that was detected on October 16, 2021. Steps were immediately taken to secure its network and a third-party computer forensics firm was engaged to investigate the breach.

The investigation revealed files containing patient information had been accessed by unauthorized individuals, although no reports have been received that suggest any patient information has been misused. The types of information in the files varied from patient to patient and may have included names, addresses, Social Security numbers, and limited medical information.

Central Indiana Orthopedics said several steps have been taken in response to the breach to improve security, prevent further cyberattacks., and mitigate the risk of future harm. All individuals affected by the breach have been notified and offered complimentary credit monitoring, dark web monitoring, and identity theft protection services.

The incident has been reported to the HHS’ Office for Civil Rights as affecting 83,705 individuals.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.

Share This Post On