• 5
  • Hospitals
  • 5
  • NY
  • 5
  • Physio Logic Chiropractic and Physical Therapy, PLLC and Dr. Patty DiBlasio, PC

Physio Logic Chiropractic and Physical Therapy, PLLC and Dr. Patty DiBlasio, PC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Physio Logic Chiropractic and Physical Therapy, PLLC, Dr. Patty DiBlasio, and Physio Logic Medicine (collectively referred to as the Practices) experienced a data breach that was first detected on July 31, 2023, when an unknown individual claimed to have gained access to a server used by the Practices[1]. The breach potentially exposed the protected health information (PHI) of patients, including names, addresses, dates of birth, driver’s license numbers, state identification numbers, diagnoses, treatment information, health insurance information, and payment card information[2].

The unauthorized access to the server occurred between July 2, 2023, and August 4, 2023, and was confirmed during an investigation completed on September 14, 2023[1][2]. Although there was no evidence of actual or attempted misuse of the information, the Practices notified 9,580 affected individuals out of an abundance of caution[2]. The Practices have taken steps to enhance their technical safeguards and review their policies and procedures to prevent future incidents[1][2].

Affected individuals were offered complimentary credit monitoring services and were advised on steps they could take to protect their personal information, such as enrolling in monitoring services by December 31, 2023, and placing a freeze on their credit files[1]. The Practices also established a dedicated assistance line for additional questions and are notifying applicable regulatory authorities[1].

The breach was reported to the U.S. Department of Health and Human Services, but as of the information available, the exact number of affected individuals is not listed on the HHS breach site[11]. Investigations by consumer rights law firms, such as Cole & Van Note, have been announced, focusing on the potential legal implications and compensation for affected individuals[9].

Citations:

  1. https://www.mass.gov/doc/assigned-data-breach-number-30637-physio-logic/download
  2. https://www.hipaajournal.com/176200-ortho-alaska-patients-affected-by-data-breach/
  3. https://www.brooklynpaper.com/assets/pdf/2014_18mmc.pdf
  4. https://app.hacknotice.com/hack/652044a0d473ab3f8993d113
  5. https://casetext.com/case/estate-of-grieco-v-natl-med-consultants-pc
  6. https://www.scribd.com/document/400588968/NYLJtuesdayB
  7. https://www.linkedin.com/posts/joshua-mckeever-b80684214_us-department-of-health-human-services-activity-7118611392462483458-LrKH
  8. https://www.hackmageddon.com/2023/11/28/16-30-september-2023-cyber-attacks-timeline/
  9. https://www.newstrail.com/cole-van-note-announces-physio-logic-chiropractic-and-physical-therapy-pllc-data-breach-investigation/
  10. https://casetext.com/case/collini-v-natl-med-consultants-pc
  11. https://www.hipaacoach.com/data-breaches-on-aretis-health-physio-logic-orthoalaska-and-colorado-department-of-health-care-policy-financing/
  12. https://law.justia.com/cases/new-york/other-courts/2022/2022-ny-slip-op-22036.html
  13. https://www.linkedin.com/posts/joshua-mckeever-b80684214_breach-report-activity-7113537966366453760-f1CW?trk=public_profile_share_view
  14. https://breachdata.topwords.me/states/NY?limit=20&offset=20&sort=reported_date
  15. https://breachdata.topwords.me/hipaa?limit=20&offset=180&sort=reported_date
Breach Submission Date Sep 29, 2023
Converted Entity Name Physio Logic Chiropractic and Physical Therapy, PLLC and Dr. Patty DiBlasio, PC
Converted Entity Type Healthcare Provider
State NY
Individuals Affected 9,580
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes