Athens (Ga.) Orthopedic Clinic suffered a data breach in June that exposed the information of around 397,000 current and former patients. Now, 500 of the stolen patient health records have surfaced on the black market, according to a Keller Rohrback investigation.
Here are six key points:
1. A hacker group, known as the Dark Overlords, is offering the patient records for sale on the black market.
2. The data breach exposes patients' names, addresses, Social Security numbers, telephone numbers, dates of birth as well as medical data. According to the practice CEO Kayio Elliott, "hackers used a third-party vendor's log-in credentials to get access to the system."
3. Athens Orthopedic Clinic has mailed letters notifying patients of the breach and posted the letter to their website.
4. The practice is urging affected patients to place fraud alerts on their credit reports and examine their credit reports closely.
5. In the letter, the practice stated it has "has retained cyber security experts to investigate and make recommendations for additional improvements to our system, and have begun implementing these recommendations."
6. Athens Orthopedic Clinic includes 17 locations around Georgia and includes 20 physicians.