A major cyberattack rocked the healthcare industry in February when Optum's Change Healthcare was hit by a ransomware gang that claims to have stolen massive amounts of patient data.
The Change attack may have had the biggest impact, but it's not the only one: In the first three months of the year, hundreds of thousands of patients nationwide, including orthopedic patients, have had their data breached by various ransomware gangs.
Here are some of the data breaches plaguing orthopedic patients this year:
1. Des Moines (Iowa) Orthopaedic Surgeons was hit with a data security incident that affected certain protected health information. The orthopedic group's network suffered the incident around Feb. 17, 2023, when an unauthorized actor was able to access and remove certain DMOS files due to a vendor failure.
2. Wichita-based Kansas Joint and Spine Specialists reported a data breach that affected 83,869 patients. Exposed patient data includes first and last names, Social Security numbers, addresses, dates of birth, contact information, diagnoses, health insurance claim numbers, medical record numbers and other unique identifiers.
3. Vail-Summit Orthopaedics & Neurosurgery in Colorado notified patients of a data breach in January. An investigation is ongoing, and the practice found an unauthorized party may have accessed sensitive information including names, addresses and Social Security numbers.
4. Northeast Orthopedics and Sports Medicine recently experienced a data security incident affecting 177,101 individuals. This data may include patient information such as identifying information, payment and medical record information, health insurance information, and treatment and diagnosis information.
5. Orthopedic Associates of Flower Mound (Texas) notified patients of an email breach possibly impacting patient medical history, Social Security numbers, patient names and financial data.
6. On March 7, Vancouver, Wash.-based Rebound Orthopedics & Neurosurgery filed a notice of a data breach with the attorney general of Montana. The unauthorized party accessed and stole confidential patient information stored on Rebound Orthopedics' computer network.