Grayling Anesthesia Associates PC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Grayling Anesthesia Associates PC, based in Grayling, Michigan, experienced a significant data breach that was discovered on July 11, 2022. This breach involved the unauthorized access to sensitive personal identifiable information and protected health information of more than 15,000 individuals[1]. The compromised data includes a range of personal and medical information such as Social Security numbers, names, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid or Medicare IDs, and detailed health information including treatment and diagnosis details[1][11].

Grayling Anesthesia Associates is a medical group specializing in anesthesiology, providing critical support in pain mitigation, vital organ function support, and ensuring patient safety during medical procedures[1]. Following the discovery of the breach, the organization took immediate steps to secure its systems, including implementing a global password reset, tightening firewall restrictions, and enhancing endpoint threat detection and response monitoring[11]. Additionally, Grayling Anesthesia Associates has offered affected individuals identity theft protection services through IDX, which includes credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services[11].

This incident is part of a larger pattern of data breaches affecting healthcare providers and their management companies. A hacking incident at a New York-based administrative services firm, Somnia Inc., led to breaches affecting approximately 430,000 individuals across about 20 anesthesiology practices[4]. The breach underscores the growing trend of cyberattacks and data security incidents involving healthcare entities and their business associates, highlighting the critical need for robust cybersecurity measures and incident response strategies within the healthcare sector[4][6].

Citations:

  1. https://www.turkestrauss.com/2022/10/25/grayling-anesthesia-associates-data-breach-investigation/
  2. https://dojmt.gov/consumer/databreach/
  3. https://healthitsecurity.com/news/healthcare-data-breach-impacts-13-anesthesia-providers-380k-individuals
  4. https://www.bankinfosecurity.com/anesthesiology-breaches-a-20414
  5. https://www.beckersasc.com/anesthesia/patients-in-13-states-possibly-affected-by-anesthesiology-associates-and-anesthesia-services-breach.html
  6. https://www.hipaajournal.com/data-breach-impacts-more-than-one-dozen-anesthesia-providers/
  7. https://www.idstrong.com/data-breaches/anesthesiologists-breaches/
  8. https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/external/chabak-v-somnia-complaint-10-31-22.pdf
  9. https://crawfordcountynow.com/local/legal-notice-from-grayling-anesthesia-associates-pc/
  10. https://blackkite.com/data-breaches-caused-by-third-parties/
  11. https://ago.vermont.gov/sites/ago/files/2023-01/2022-10-24-Grayling-Anesthesia-Associates-Data-Breach-Notice-to-Consumers.pdf
Breach Submission Date Sep 23, 2022
Converted Entity Name Grayling Anesthesia Associates PC
Converted Entity Type Healthcare Provider
State MI
Individuals Affected 15,378
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes