Austin Plastic and Reconstructive Surgery Hit by Ransomware Attack, Exposing Patient Data
Austin Plastic and Reconstructive Surgery, a medical practice in Austin, Texas, disclosed a data breach stemming from a ransomware attack that compromised sensitive patient information. The unauthorized access occurred between June 30 and July 1, 2025, though the breach was not discovered until February 28, 2026. Notifications to affected individuals began on March 11, 2026.
The attack was claimed by the ransomware group ThreeAM, which posted its involvement on the dark web’s Tor network on August 10, 2025 weeks after the intrusion but months before the practice completed its investigation. Cybersecurity experts assisted in reviewing compromised files, determining that exposed data included personally identifiable information (PII) such as names, addresses, dates of birth, financial account details, government IDs, passport numbers, and Social Security numbers.
In response, the practice is offering complimentary credit monitoring to individuals whose Social Security numbers were affected. A dedicated response line (833-877-7496) has been set up for inquiries, operating Monday through Friday from 8 a.m. to 8 p.m. Central Time. The incident underscores the persistent threat of ransomware targeting healthcare providers and the delayed detection of such breaches.
Source: https://www.claimdepot.com/data-breach/austin-plastic-reconstructive-surgery-2026
Austin Plastic Surgeon cybersecurity rating report: https://www.rankiteo.com/company/austinplasticsurgeon
"id": "AUS1774391816",
"linkid": "austinplasticsurgeon",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Austin, Texas, USA',
'name': 'Austin Plastic and Reconstructive Surgery',
'type': 'Medical Practice'}],
'customer_advisories': 'Complimentary credit monitoring offered to '
'individuals whose Social Security numbers were '
'affected. Dedicated response line: 833-877-7496 '
'(Monday-Friday, 8 a.m. to 8 p.m. Central Time).',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally identifiable '
'information (PII)',
'Financial account details',
'Government IDs',
'Passport numbers',
'Social Security numbers']},
'date_detected': '2026-02-28',
'date_publicly_disclosed': '2026-03-11',
'description': 'Austin Plastic and Reconstructive Surgery, a medical practice '
'in Austin, Texas, disclosed a data breach stemming from a '
'ransomware attack that compromised sensitive patient '
'information. The unauthorized access occurred between June 30 '
'and July 1, 2025, though the breach was not discovered until '
'February 28, 2026. Notifications to affected individuals '
'began on March 11, 2026. The attack was claimed by the '
'ransomware group ThreeAM, which posted its involvement on the '
'dark web’s Tor network on August 10, 2025. Exposed data '
'included personally identifiable information (PII) such as '
'names, addresses, dates of birth, financial account details, '
'government IDs, passport numbers, and Social Security '
'numbers.',
'impact': {'data_compromised': 'Personally identifiable information (PII), '
'including names, addresses, dates of birth, '
'financial account details, government IDs, '
'passport numbers, and Social Security numbers',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Completed',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'ThreeAM'},
'references': [{'date_accessed': '2025-08-10',
'source': 'Dark web (Tor network)'}],
'response': {'communication_strategy': 'Dedicated response line '
'(833-877-7496) and complimentary '
'credit monitoring for affected '
'individuals',
'third_party_assistance': 'Cybersecurity experts'},
'threat_actor': 'ThreeAM',
'title': 'Austin Plastic and Reconstructive Surgery Hit by Ransomware Attack, '
'Exposing Patient Data',
'type': 'Ransomware'}