Breach, Data Security

Central Ohio Urology Group reports 300K records compromised

The Central Ohio Urology Group reported that in early August it became aware of an incident where an unauthorized posted patient and employee information to Twitter.

How many victims? 300,000.

What type of information? The patient and employee information compromised included name, address, telephone number(s), email, birthdate, Social Security number, driver's license/state identification number, patient identification number, medical and health plan information, account information, diagnosis or treatment information, health insurance information and identifiers, and employment-related information.

What happened? On August 2, 2016 an unauthorized person or group from of Ukrainian activists posted files and documents posted files and documents to an online drive accessible on the internet. The information posted included links to the hacked data, screenshots of the stolen databases and was posted to a the Ukrainian group's Twitter account.

What was the response?  Central Ohio Urology Group sent letters notifying those affected and has hired an outside security firm to investigate the incident.

Quote:  “Upon learning of the personal information posting we took prompt steps to address the situation. We contacted law enforcement and had the information removed from the online drive within hours. We also promptly retained a computer forensics firm to assist in investigating our systems and to help determine what may have happened.”

Source:  Central Ohio Urology Group, The Columbus Dispatch

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.