Piedmont Orthopedics / OrthoAtlanta had been hit by a ransomware attack, and by Pysa (Mespinoza) threat actors.
The threat actors had already dumped more than 3.5 GB of data.
Compromised information included rentals and business aspects.
It also comprised of a number of highly detailed medical records on patients that include their name, date of birth, address and contact information, diagnosis, surgical details, laboratory tests, cardiograms, and insurance information pages and pages of protected health information.
Source: https://www.databreaches.net/three-more-medical-practices-hit-by-ransomware/
TPRM report: https://scoringcyber.rankiteo.com/company/orthoatlanta
"id": "ort143629123",
"linkid": "orthoatlanta",
"type": "Ransomware",
"date": "08/2020",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Medical',
'name': 'Piedmont Orthopedics / OrthoAtlanta',
'type': 'Healthcare'}],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Rentals',
'Business aspects',
'Medical records']},
'description': 'Piedmont Orthopedics / OrthoAtlanta was hit by a ransomware '
'attack by Pysa (Mespinoza) threat actors. The attack resulted '
'in the dumping of more than 3.5 GB of data, including '
'rentals, business aspects, and highly detailed medical '
'records on patients.',
'impact': {'data_compromised': ['Rentals',
'Business aspects',
'Medical records']},
'motivation': 'Data theft and ransom',
'ransomware': {'data_exfiltration': True,
'ransomware_strain': 'Pysa (Mespinoza)'},
'threat_actor': 'Pysa (Mespinoza)',
'title': 'Ransomware Attack on Piedmont Orthopedics / OrthoAtlanta',
'type': 'Ransomware'}