OB-GYN Associates experienced a data security breach around August 7, exposing sensitive patient information. The compromised data includes first and last names, Social Security numbers, driver’s license numbers, and past medical records of affected individuals. While the exact cause remains unclear, an internal investigation was conducted and finalized by September 29. In response, the company notified impacted patients via letters and offered single-bureau credit monitoring, credit reporting, and credit score services as a remedial measure. The breach poses significant risks, including potential identity theft, financial fraud, or misuse of medical history. The exposure of highly sensitive personal and health-related data underscores the severity of the incident, particularly given the lack of clarity on how the breach occurred or whether the data was exfiltrated by malicious actors.
TPRM report: https://www.rankiteo.com/company/obgyn-associates-madison-and-decatur
"id": "obg5732257110725",
"linkid": "obgyn-associates-madison-and-decatur",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'OB-GYN Associates',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Letters sent to affected patients offering credit '
'monitoring services',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': "High (includes SSNs, driver's license "
'numbers, and medical history)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2023-08-07',
'date_resolved': '2023-09-29',
'description': 'Some patients of OB-GYN Associates are receiving letters '
'informing them that some of their personal information may '
'have been exposed in a data security breach. The breach '
'occurred around August 7, 2023. The exposed data includes '
"first and last names, social security numbers, driver's "
'license numbers, and past medical information. An '
'investigation was conducted and completed on September 29, '
'2023. Affected individuals are being offered access to '
'single-bureau credit monitoring, credit reporting, and credit '
'score services.',
'impact': {'brand_reputation_impact': 'Potential reputational harm due to '
'exposure of sensitive patient data',
'data_compromised': ['First and last names',
'Social Security numbers',
"Driver's license numbers",
'Past medical information'],
'identity_theft_risk': "High (due to exposure of SSNs and driver's "
'license numbers)'},
'investigation_status': 'Completed (as of 2023-09-29)',
'regulatory_compliance': {'regulations_violated': ['Potential HIPAA violation '
'(if applicable)']},
'response': {'communication_strategy': 'Letters sent to affected patients',
'incident_response_plan_activated': True,
'recovery_measures': 'Offered single-bureau credit monitoring, '
'credit reporting, and credit score '
'services to affected patients'},
'title': 'OB-GYN Associates Data Security Breach',
'type': 'Data Breach'}