Northeast Orthopedics and Sports Medicine, a healthcare provider based in New York, fell victim to a cyberattack, exposing the data of more than 177,000 individuals, including patients’ sensitive information. The breach, detected in late November due to unusual activity, allowed potential unauthorized access to various data, such as Social Security numbers, medical records, and payment information. Despite issuing statements and offering free credit monitoring services, concerns persist about the misuse of the stolen data, prompting the provider to advise individuals to remain vigilant against potential identity theft and fraud.
The healthcare provider confirmed the intrusion into its computer systems by December 29th, following over a month of investigation into the unusual activity. Although the breach was declared publicly in a statement issued on February 9th, it garnered relatively little attention at the time. However, a subsequent notice to the attorney general’s office in Maine on March 5th clarified that over 177,000 individuals, including patients and possibly staff members, were affected by the cyberattack.
Northeast Orthopedics has taken steps to address the breach, including hiring a cybersecurity firm to enhance network security and reviewing data protection policies. Additionally, the provider has offered affected individuals free credit monitoring and identity protection services, accompanied by up to $1 million in identity theft insurance. Despite these measures, the incident underscores the ongoing threat of cyberattacks in the healthcare sector and highlights the importance of robust cybersecurity measures to safeguard sensitive patient information.