Moyes Eye Center, PC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Moyes Eye Center Data Breach

Moyes Eye Center, PC in Missouri was one of the victims of a ransomware attack on Eye Care Leaders, a provider of electronic health records (EHR) and patient management software solutions for eye care practices. The breach, which occurred around December 4, 2021, affected approximately 38,000 patients at Moyes Eye Center[1][4][5][6][9].

Eye Care Leaders detected the breach and took down the compromised systems within 24 hours after breach detection. However, the attackers had already accessed files and databases containing patient records. The compromised information included names, addresses, phone numbers, email addresses, gender, dates of birth, medical record numbers, health insurance information, appointment information, and Social Security numbers. Notably, the compromised databases and files did not include credit card or financial information[1].

The breach was part of a larger incident involving Eye Care Leaders that affected over 2.2 million individuals across 28 eye care providers[1]. The fallout from the breach has been significant, with affected providers notifying patients and taking steps to secure their systems against future attacks. Eye Care Leaders faced multiple lawsuits regarding its handling of the breach, with plaintiffs alleging a lack of transparency, business disruptions, and reputational harm[6].

Patients affected by the breach were advised to monitor their accounts for any unusual activity and remain vigilant against potential identity theft. It is essential for those impacted to understand the risks and take appropriate steps to protect themselves from fraud or identity theft[2].

Moyes Eye Center notified the Office for Civil Rights (OCR) of the data security incident as required by law[3]. The breach is one of the largest health care data breaches reported in Missouri[9].

Citations:

  1. https://compliancy-group.com/eye-care-leaders-breach/
  2. https://www.jdsupra.com/legalnews/texas-tech-university-health-science-3650638/
  3. https://www.dataguidance.com/news/usa-moyes-eye-center-notifies-ocr-data-security
  4. https://www.hipaajournal.com/eye-care-leaders-impacts-millions-of-patients/
  5. https://blogs.protectedharbor.com/eye-care-leaders-data-breach-caused-by-cloud-ehr-vendor-dont-be-the-next/
  6. https://healthitsecurity.com/news/eye-care-leaders-emr-data-breach-tally-surpasses-2-million
  7. https://static1.squarespace.com/static/5c4f724e89c172ed71d704ef/t/628fa0d8fad62c598f554945/1653579993018/20220525_145545.pdf
  8. https://healthitsecurity.com/news/eye-care-leaders-emr-breach-impacts-at-least-342k-individuals
  9. https://stacker.com/missouri/biggest-health-care-data-breaches-you-should-know-about-missouri
Breach Submission Date May 25, 2022
Converted Entity Name Moyes Eye Center, PC
Converted Entity Type Healthcare Provider
State MO
Individuals Affected 38,000
Breach Type Hacking/IT Incident

Breach Information Location Electronic Medical Record

Business Associate Present Yes