Austin Manual Therapy (AMT) notified 1,750 of its patients of a potential breach of their protected health information. Allegedly, a criminal attacker accessed AMT’s computer system and may have stolen their PHI. A leading national cybersecurity team conducted a forensic investigation of the incident and found out that the attacker first gained access on October 3, 2017. Access continued until October 9, when AMT discovered the breach and blocked the attacker’s access.
AMT posted a breach notice on its website and stated that the attacker did not gain access to the company’s electronic medical record system. The attacker only gained limited access to the AMT network – just one computer and a shared file system. The forensic investigators confirmed that the attacker accessed some files, but they cannot confirm how much information was viewed or stolen. The information that was potentially viewed or accessed included names, dates of birth, addresses, dates of service, occupations, phone numbers, charge amounts, insurance coverage and policy details, diagnoses, health screening information, referring physician information, driver’s license information and Social Security numbers. The patients whose PHI have been compromised were advised to get free credit reports, set up a fraud alert and security freeze their accounts. There appeared to be no offers of free credit monitoring or identity theft protection services from AMT.
The investigation regarding the breach is mostly completed, but the forensic investigators will continue it until the end of the year. AMT also implemented additional security measures to block similar attacks. The TMD breach report did not detail the exact nature of the attack. But according to Databreaches.net, the AMT incident was an extortion attempt by TheDarkOverlord hacking group.