LockBit Claims Responsibility for Potential Columbia Orthopaedic Group Cyberattack
The ransomware group LockBit has claimed responsibility for a suspected cyberattack targeting Columbia Orthopaedic Group, a medical provider offering surgical and non-surgical orthopedic care in Columbia, Missouri. Details about the breach including the type of data compromised and the number of affected individuals remain unclear, as the organization has not yet confirmed the incident.
Legal teams are investigating whether a class action lawsuit can be filed on behalf of current and former patients, as well as affiliates, who may have had their personal or medical information exposed. Potential claims could cover losses related to privacy violations, out-of-pocket expenses, and time spent addressing the breach.
While the full scope of the attack is still under review, the incident highlights ongoing risks to healthcare providers, particularly from ransomware groups like LockBit, which frequently target sensitive data for extortion. Further updates are expected as the investigation progresses.
Source: https://www.classaction.org/data-breach-lawsuits/columbia-orthopaedic-group-may-2026
Columbia Orthopaedic Group cybersecurity rating report: https://www.rankiteo.com/company/columbia-orthopaedic-group
"id": "COL1779834393",
"linkid": "columbia-orthopaedic-group",
"type": "Ransomware",
"date": "1/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Columbia, Missouri',
'name': 'Columbia Orthopaedic Group',
'type': 'Healthcare Provider'}],
'data_breach': {'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personal or medical information'},
'description': 'The ransomware group LockBit has claimed responsibility for a '
'suspected cyberattack targeting Columbia Orthopaedic Group, a '
'medical provider offering surgical and non-surgical '
'orthopedic care in Columbia, Missouri. Details about the '
'breach including the type of data compromised and the number '
'of affected individuals remain unclear, as the organization '
'has not yet confirmed the incident. Legal teams are '
'investigating whether a class action lawsuit can be filed on '
'behalf of current and former patients, as well as affiliates, '
'who may have had their personal or medical information '
'exposed. Potential claims could cover losses related to '
'privacy violations, out-of-pocket expenses, and time spent '
'addressing the breach.',
'impact': {'legal_liabilities': 'Potential class action lawsuit for privacy '
'violations, out-of-pocket expenses, and time '
'spent addressing the breach'},
'investigation_status': 'Under review',
'motivation': 'Extortion',
'ransomware': {'ransomware_strain': 'LockBit'},
'references': [{'source': 'Incident Description'}],
'regulatory_compliance': {'legal_actions': 'Potential class action lawsuit'},
'threat_actor': 'LockBit',
'title': 'LockBit Claims Responsibility for Potential Columbia Orthopaedic '
'Group Cyberattack',
'type': 'Ransomware'}