cyber Breach

All-Star Orthopaedics

May 11, 2023 1 min read
All-Star Orthopaedics

All-Star Orthopaedics informed people that a hard drive containing patient data had been taken, but as of right now, there is no proof that the confidential material has been viewed or misused.

A hard drive containing x-rays and other diagnostic images was stolen, the organization found out.
Even though the data on the hard drive is not encrypted, special software is required to access it.

X-rays and other diagnostic images can be found on the stolen hard drive.

The patient names and birthdates are present in the image files upon opening.
The photographs on the hard drive don't contain any more data.

As a precaution, All-Star Orthopaedics is warning potentially impacted patients about the occurrence and has informed regulatory and criminal enforcement organizations.

Source: https://www.databreaches.net/all-star-orthopaedics-provides-notice-of-patient-data-breach/

TPRM report: https://scoringcyber.rankiteo.com/company/allstarorthopaedics

"id": "all01616223",
"linkid": "allstarorthopaedics",
"type": "Data Leak",
"date": "01/2019",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'customers_affected': 'Patients',
                        'industry': 'Healthcare',
                        'name': 'All-Star Orthopaedics',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Physical Theft',
 'data_breach': {'data_encryption': 'None',
                 'file_types_exposed': ['Image Files'],
                 'personally_identifiable_information': ['Patient Names',
                                                         'Birthdates'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['X-rays',
                                              'Diagnostic Images',
                                              'Patient Names',
                                              'Birthdates']},
 'description': 'All-Star Orthopaedics reported that a hard drive containing '
                'patient data, including x-rays and other diagnostic images, '
                'was stolen. The data on the hard drive is not encrypted but '
                'requires special software to access. The images contain '
                'patient names and birthdates. The organization has notified '
                'regulatory and law enforcement authorities and is warning '
                'potentially impacted patients.',
 'impact': {'data_compromised': ['X-rays',
                                 'Diagnostic Images',
                                 'Patient Names',
                                 'Birthdates'],
            'systems_affected': 'Hard Drive'},
 'initial_access_broker': {'entry_point': 'Physical Theft'},
 'motivation': 'Unknown',
 'regulatory_compliance': {'regulatory_notifications': True},
 'response': {'communication_strategy': 'Notified potentially impacted '
                                        'patients and regulatory authorities',
              'law_enforcement_notified': True},
 'threat_actor': 'Unknown',
 'title': 'Stolen Hard Drive Containing Patient Data',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unencrypted Data Storage'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.