News and Updates on Information Technology

United States – Ozark Orthopaedics

Exploit: Phishing scam

Ozark Orthopaedics: Orthopedic healthcare practice

Risk to Small Business: 2.113 = Severe

Four employees fell for a phishing scam and gave hackers access to email accounts containing patient data. The scope of the data breach that occurred in late 2019 was just released by the healthcare provider, creating questions about the practice’s cybersecurity practices. As a result, patients were unable to quickly take steps to protect their identities and Ozark Orthopaedics has opened itself up to regulatory scrutiny that could result in substantial financial penalties.

Individual Risk: 1.775 = Severe

Patients’ personally identifiable information was exposed in the breach, including their names, treatment information, Medicare or Medicaid identification numbers, Social Security numbers, and financial account information. In the wrong hands, this information can be used in a litany of financial or identity-related crimes. Those impacted by the breach should immediately enroll in credit and identity monitoring services to secure their personal information.

Customers Impacted: 15,240

How it Could Affect Your Customers’ Business: More than a trillion phishing emails are sent each year, some of which will inevitably make their way into your employees’ inboxes. Training employees to spot these scams is especially important to protect your company from a devastating data breach.