Murfreesboro Medical Clinic & SurgiCenter
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Murfreesboro Medical Clinic & SurgiCenter (MMC) in Tennessee experienced a significant healthcare data breach affecting approximately 559,000 individuals. The breach occurred as a result of a cyberattack by a well-known cyber extortion operation on April 22, 2023. MMC was forced to shut down its network and operations temporarily to contain the attack and prevent further damage. Despite efforts to determine the extent of the breach, MMC has been unable to confirm whether any personal information was actually accessed or removed from their network[1][3][5].
The data potentially compromised in the breach included names, addresses, driver’s licenses, diagnostic information, dependent information, medical record numbers, insurance enrollment information, and more. MMC responded by rebuilding their network with enhanced security features and controls to reduce the chance of a similar incident occurring in the future. Operations have since been fully restored, and to MMC’s knowledge, no data was lost as a result of the incident[1].
MMC sent out data breach notification letters on June 14, 2023, to those affected by the breach, advising them of the situation and the steps they can take to protect themselves from potential identity theft or fraud. MMC has offered 24 months of complimentary credit monitoring services to the affected individuals as a precaution[6][7].
The clinic, which operates multiple facilities and employs over 500 people, has been working with law enforcement and third-party experts to investigate the source and scope of the attack. MMC’s CEO has stated that they refused to pay the ransom demanded by the attackers, as advised by law enforcement and legal counsel, and on principle[4][8].
In the aftermath of the breach, a class action lawsuit has been filed against MMC, and the court has appointed an Interim Executive Counsel Committee to oversee the consolidated litigation. The lawsuit addresses the potential impact of the data breach on affected individuals[10].
For those seeking legal advice or who have been affected by the breach, data breach lawyers are available to discuss legal options and how to protect oneself from becoming a victim of fraud or identity theft[2][7].
Citations:
- https://healthitsecurity.com/news/murfreesboro-medical-clinic-confirms-559k-record-breach
- https://www.myinjuryattorney.com/murfreesboro-medical-clinic-surgicenter-data-breach-investigation/
- https://www.scmagazine.com/news/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery
- https://www.dnj.com/story/news/2023/06/20/murfreesboro-medical-clinic-alerts-patients-at-risk-after-cyber-attack/70325490007/
- https://www.hipaajournal.com/ransomware-attack-results-shutdown-operations-tn-medical-clinic/
- https://www.hipaajournal.com/559000-individuals-affected-murfreesboro-medical-clinic-surgicenter-cyberattack/
- https://www.jdsupra.com/legalnews/murfreesboro-medical-clinic-surgicenter-1875046/
- https://www.campussafetymagazine.com/hospital/murfreesboro-medical-clinic-closes-for-2-weeks-ransomware-attack/
- https://www.databreaches.net/murfreesboro-medical-clinic-surgicenter-ransomware-attack-affected-559000-patients/
- https://shublawyers.com/current-cases/samantha-holbrook-appointed-to-the-executive-committee-counsel-in-murfreesboro-medical-clinic-data-breach-litigation/
- https://www.paubox.com/news/tennessee-clinic-confirms-over-500000-affected-by-ransomware-attack