Cardiothoracic and Vascular Surgeons, P.A.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Cardiothoracic and Vascular Surgeons, P.A. (CTVS), based in Texas, experienced a data breach that was discovered on October 13, 2023. The breach involved unauthorized access to their computer network, which occurred between October 12 and October 13, 2023. The unauthorized access resulted in the potential acquisition of sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals[1][4].

The information potentially exposed includes names, Social Security numbers, driver’s license numbers, dates of birth, financial information (such as credit card information, account numbers, and passwords), medical information (including medical record numbers, patient account numbers, doctor or medical professional names, treatment information, procedure codes, diagnosis codes, dates of treatment, prescription information, diagnosis and symptoms information), and health insurance information (such as health insurance numbers, Medicaid/Medicare numbers, and other health insurance information)[1][4].

CTVS began notifying individuals whose information may have been impacted by the breach on December 12, 2023, by sending out data breach notification letters. These letters provide victims with a list of what information belonging to them was compromised[1].

CTVS is a healthcare provider specializing in surgery of the heart, lungs, chest, esophagus, and major blood vessels of the body, operating three locations in central Texas, including Austin, Kyle, and Georgetown. The organization employs more than 87 people and generates approximately $12 million in annual revenue[1].

The breach has led to an investigation by law firms specializing in data breach cases, and affected individuals are being advised on steps to protect their personal information and legal remedies that may be available to them[4].

Citations:

  1. https://www.jdsupra.com/legalnews/cardiothoracic-and-vascular-surgeons-4515965/
  2. https://www.tanner.org/patients-and-visitors/notice-from-cbiz-of-outside-vendor-data-security-incident
  3. https://www.covenanthealthcare.com/ch/notice-of-data-security-incident
  4. https://www.turkestrauss.com/2023/12/29/cardiothoracic-and-vascular-surgeons-data-breach-investigation/
  5. https://www.hipaajournal.com/hipaa-breaches/
  6. https://www.jdsupra.com/personal/personal-injury/constitutional-law/products-liability/
  7. https://www.myinjuryattorney.com/cardiothoracic-and-vascular-surgeons-data-breach-class-action-investigation-and-lawsuit-assistance/
  8. https://www.jdsupra.com/legalnews/cardiovascular-associates-files-notice-1897175/
  9. https://www.texasheart.org/people/o-h-frazier/
  10. https://wacotrib.com/news/local/crime-courts/ascension-providence-warns-cyberattack-on-contractor-may-have-compromised-patient-info/article_ed316c88-99e9-11ee-9d13-2360d7b7a642.html
  11. https://www.beckersasc.com/asc-news/texas-medical-group-to-wind-down-business.html
  12. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4667571/
  13. https://www.beckersasc.com/asc-news/azura-vascular-care-suffers-data-breach.html
  14. https://oag.ca.gov/privacy/databreach/list
  15. https://www.bcm.edu/departments/surgery/meet-our-team/history-of-leadership/jimmy-f-howell-m-d
  16. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf?%3F%3F%3Futm_source=IDG&%3F%3Futm_source=IDG&utm_campaign=Oktopost-Employee+Spotlight%3A+Inside+Tanium&utm_content=Oktopost-linkedin&utm_medium=social&utm_source=linkedin
  17. https://www.propublica.org/article/pennsylvania-doctor-investigated-at-every-level-why-is-he-still-practicing
  18. https://www.idstrong.com/sentinel/texas-medical-center-data-breach-exposes-patient-info/
  19. https://breachdata.topwords.me/states/TX
Breach Submission Date Dec 12, 2023
Converted Entity Name Cardiothoracic and Vascular Surgeons, P.A.
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 500
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes