A Florida-based healthcare provider has issued a warning to its patients that their highly-sensitive personally identifiable information (PII) and personal health information (PHI) may have been stolen in a data breach. In what appears to have been a ransomware attack, Florida Orthopaedic Institute’s servers were infiltrated by malicious actors who then encrypted patients’ files, blocking access to them by the facility’s staff members. The facility is a conglomerate of orthopaedic physicians’ offices, meaning it could be possible that patients affected by the Florida Orthopaedic Institute data breach are not familiar with the company’s name.
The Florida Orthopaedic Institute’s investigation also uncovered reasons to suspect that some of the patients’ complete identities had been stolen before the encryption. That would include such data points as names, birthdates, Social Security numbers and more. Right now, the Florida Orthopaedic Institute has not found evidence that those identities have been used. Other compromised information from the Florida Orthopaedic Institute data breach includes medical data or PHI like appointment times, insurance plan numbers and payments for services, just to name a few.
While the facility was able to regain access to the encrypted files, affected patients should take immediate action. Some important steps include:
- Changing the passwords on any accounts that share a username and password with their Florida Orthopaedic Institute account
- Requesting a free copy of their credit report from AnnualCreditReport.com to look for signs of unusual activity
- Signing up for the free credit monitoring and fraud protection tools that Florida Orthopaedic Institute is providing to the victims of this breach. It’s also important for victims of the Florida Orthopaedic Institute data breach to place a freeze on their credit report if their financial or payment card information was affected.
- Contacting their insurance provider and asking if they can change their insurance account and card number. Victims should see what additional protections they can put in place such as an additional password when calling for service
- Checking medical insurance billing statements closely to ensure the company is not covering services received by a thief that the victim has not received
As with any data breach event, including the Florida Orthopaedic Institute data breach, consumers can also reach out to the Identity Theft Resource Center (ITRC) for help and information by live-chat or calling toll-free at 888.400.5530. The ITRC’s free ID Theft Help app for iOS and Android is a place for victims to manage their case-specific action plans and find other helpful resources.
You might also like…