Gary Motykie, M.D., a Medical Corporation

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Overview of the Data Breach at Gary Motykie, M.D., a Medical Corporation

Gary Motykie, M.D., a Medical Corporation, experienced a significant data breach that was first discovered on May 9, 2023. The breach involved sensitive personal identifiable information and protected health information of an undetermined number of individuals. The information exposed includes names, Social Security numbers, addresses, driver’s license numbers, financial account numbers, intake forms and medical information, images taken in connection with services provided, and health insurance information[3].

Timeline and Impact

  • May 9, 2023: The corporation discovered that it had experienced a data breach[3].

  • June 6, 2023: The investigation revealed that some data may have been impacted[1].

  • June 26, 2023: Gary Motykie, M.D., Medical Corporation began contacting individuals whose information may have been impacted[3].
  • July 12, 2023: Updated reports revealed that 3,461 patients had been affected by the breach that occurred on April 13[4][7].
  • August 18, 2023: It was reported that nude pictures of patients with their information and files were uploaded to a clearnet leak site[4].

Response and Mitigation

Upon learning of the breach, the corporation engaged an incident response team, disabled access to the computer system, took the system offline, and implemented various security measures. They also provided access to no-cost Triple Bureau Credit Monitoring/Triple Bureau Credit services for the potentially impacted individuals[1]. Additionally, the corporation is conducting additional employee training and working closely with law enforcement[1].

Legal and Law Enforcement Involvement

The breach has been reported to law enforcement, appropriate authorities, and the American Board of Plastic Surgery, which is also investigating the breach[9]. A law firm specializing in data breaches is investigating the incident and may offer legal remedies to affected individuals[3]. At least one lawsuit has been filed against Dr. Motykie in relation to the breach[5].

Public and Media Reaction

The data breach has received media attention, with reports of sensitive patient information and images, including nude photos, being published online. The incident has raised concerns about cybersecurity in healthcare, particularly in plastic surgery practices[5][7][9].

Recommendations for Affected Individuals

Affected individuals are advised to enroll in the provided credit monitoring services, change passwords and security questions for online accounts, regularly review account statements, monitor credit reports, and contact credit bureaus to request a temporary fraud alert[3].

Conclusion

The data breach at Gary Motykie, M.D., a Medical Corporation is a serious incident that has compromised the personal and medical information of thousands of patients. The corporation has taken steps to mitigate the breach and is working with law enforcement to address the situation. Affected individuals have been offered credit monitoring services and may seek legal advice if they have been impacted by the breach.

Citations:

  1. https://www.doj.nh.gov/consumer/security-breaches/documents/gary-motykie-m-d-medical-corporation-20230626.pdf
  2. https://health.usnews.com/doctors/gary-motykie-616557
  3. https://www.turkestrauss.com/2023/06/27/gary-motykie-m-d-data-breach-investigation/
  4. https://www.databreaches.net/two-california-plastic-surgery-practices-suffer-cyberattacks-and-embarrassing-patient-data-leaks/
  5. https://www.nbclosangeles.com/news/local/major-data-breach-at-beverly-hills-plastic-surgeons-office-exposes-patients-sensitive-information/3185086/
  6. https://www.gripeo.com/dr-gary-motykie/
  7. https://www.thelyonfirm.com/blog/dr-gary-motykie-beverly-hills-plastic-surgery-data-breach/
  8. https://www.realself.com/practices/motykie-med-spa-west-hollywood-california
  9. https://www.hipaajournal.com/naked-patient-photos-published-after-ransomware-attack-on-plastic-surgery-clinic/
  10. https://apps.web.maine.gov/online/aeviewer/ME/40/6767e17f-f005-4c8b-86ec-c151e3345443.shtml
  11. https://www.nbclosangeles.com/news/local/more-patients-hit-by-beverly-hills-plastic-surgeon-data-breach-exposing-sensitive-photos-private-information/3195359/
  12. https://www.cpomagazine.com/cyber-security/fbi-warns-about-cyber-extortion-scheme-targeting-plastic-surgery-facilities-and-customers/
Breach Submission Date Aug 05, 2023
Converted Entity Name Gary Motykie, M.D., a Medical Corporation
Converted Entity Type Healthcare Provider
State CA
Individuals Affected 3,400
Breach Type Hacking/IT Incident

Breach Information Location Desktop Computer, Network Server

Business Associate Present Yes