Dakota Eye Institute

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

The Dakota Eye Institute (DEI), based in Bismarck, North Dakota, experienced a data breach that was discovered and announced around October 31, 2023. DEI is a multi-specialty group of Board Certified Ophthalmologists and Optometrists with locations in Rugby, Linton, and Bismarck, and it provides services in several other cities[3][5].

Upon discovering the cybersecurity incident, DEI took immediate action by engaging third-party cybersecurity experts to assess, contain, and remediate the incident. Law enforcement was also notified. The investigation did not find any instances of fraud or identity theft resulting from the incident. However, as a precaution, DEI is notifying individuals whose personal information was involved and is offering complimentary credit monitoring and identity theft protection services through Cyberscout[1][5].

DEI filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights on October 23, 2023, indicating that the breach affected the personal information of more than 107,000 individuals. The specific types of compromised data have not been disclosed, but DEI has begun sending out data breach notification letters to all individuals whose information was affected[3].

The firm Wolf Haldenstein Adler Freeman & Herz LLP is investigating claims on behalf of patients of DEI whose information may have been stolen in the breach. They suggest that the compromised personal medical information might be offered for sale on the dark web[7]. Another law firm, Turke & Strauss LLP, is also investigating the breach and has begun notifying individuals potentially impacted by the incident[11].

DEI has reviewed and enhanced its data security policies and procedures to reduce the likelihood of a similar event in the future. Individuals with questions about the breach or who may have been affected can contact a dedicated call center at 1-844-711-1478[1][5].

Citations:

  1. https://www.dakotaeye.com/data-security-incident/
  2. https://inewz.tv
  3. https://www.jdsupra.com/legalnews/dakota-eye-institute-files-notice-of-3981399/
  4. https://www.greenbaypressgazette.com/story/news/2024/02/12/new-bill-could-criminalize-school-librarians-for-loaning-lgbtq-books/72120823007/
  5. https://bismarcktribune.com/news/state-regional/business/dakota-eye-institute-reports-data-breach/article_931bc5ac-78bc-11ee-a8b4-9ff485efb07d.html
  6. https://richmond.com/news/local/business/real-estate/gen-zers-cant-afford-to-buy-houses-in-greater-richmond/article_6a66a256-c75b-11ee-a35f-2fab68585176.html
  7. https://www.prnewswire.com/news-releases/dakota-eye-institute-data-breach-alert-issued-by-wolf-haldenstein-adler-freeman–herz-llp-301982686.html
  8. https://www.foodsafety.gov/recalls-and-outbreaks
  9. https://abingtonlaw.com/Dakota-Eye-Institute-Data-Breach-class-action-lawsuit.html
  10. https://www.osha.gov/publications/poster
  11. https://www.turkestrauss.com/2023/11/03/dakota-eye-institute-data-breach-investigation/
  12. https://www.deere.com/en/index.html
  13. https://www.thelyonfirm.com/blog/dakota-eye-institute-data-breach-investigation/
  14. https://www.uspsoig.gov
  15. https://www.myinjuryattorney.com/data-breach-investigation-dakota-eye-institute/
  16. https://www.portlandmercury.com/the-trash-report/2024/02/12/47030026/the-trash-report-monday-morning-quarterbacking-gossip-edition
Breach Submission Date Oct 23, 2023
Converted Entity Name Dakota Eye Institute
Converted Entity Type Healthcare Provider
State ND
Individuals Affected 107,143
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes