On July 22, 2024, the Surgery Center of Mid Florida (SCOMF) reported a data breach to the Massachusetts Attorney General, revealing that unauthorized access had compromised patient information. The breach, which occurred through an IT vendor, exposed sensitive details including names, Social Security numbers, addresses, dates of birth, health and financial information. Affected individuals have been notified, and the center is working to assess the impact and secure the compromised data.
The breach was first detected on February 21, 2024, when SCOMF’s network was encrypted, prompting an investigation with third-party security experts. It was discovered that the attack originated from a compromised IT vendor’s network, which then facilitated access to SCOMF’s systems. This vendor connection allowed the unauthorized party to breach the center’s data.
SCOMF’s investigation revealed that the exposed information varied per individual but generally included personal and financial details. The center has since sent out notification letters to all impacted individuals, outlining the specific information that was compromised and advising on steps to protect themselves.
Based in Ocala, Florida, the Surgery Center of Mid Florida specializes in various surgeries, including those related to gastroenterology and ophthalmology. With over 25 employees and an annual revenue of approximately $5 million, the center is now focused on addressing the fallout from this breach and enhancing its cybersecurity measures.
Reference: