A cyber attack that affected a cloud-hosting and service provider resulted in access to patient data of Surgical Dermatology Group in Alabama, a specialty practice that has offices in Birmingham, Montgomery and Huntsville.

Hackers were able to penetrate TekLinks, which provides cloud services to Surgical Dermatology; the cloud provider notified the practice of the about the intrusion in early June.

“TekLinks has assured us that all unauthorized access was terminated on May 1, 2017, and that monitoring by TekLinks from April 22 through May 1 showed no further malicious activity during that time period,” the practice told patients in a notification letter.

Also See: Dermatology practice struck by ransomware attack

Information that was compromised included patient names, addresses, home and mobile telephone numbers, email addresses, Social Security numbers, medical record numbers, physician names, health plans, and charges and payments for services rendered.

Driver’s license numbers and financial information were not affected. Surgical Dermatology Group is offering affected individuals one year of credit monitoring and identity theft protection services.

The practice declined to provide additional details about the incident, including the number of affected individuals. If the information of more than 500 individuals was compromised, the practice will be reporting further details of the breach on the website of the HHS Office for Civil Rights.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access