MEMPHIS, Tenn. (localmemphis.com) - The CEO of a large orthopedic group has responded to Local 24's requests about a data breach at MSK Group.
MSK Group is the latest target of a data breach. Patients received letters about a security breach discovered on May 7th. According to the letter, information accessed over a series of months includes address, date of birth, social security number, facial photos, and sensitive medical records.
They have not said how many people may be affected, but MSK operates four divisions with multiple locations in the Mid-South, including Tabor Orthopedics, Memphis Orthopaedic Group, OrthoMemphis, and Crosstown Back and Pain Institute.
The letters went to current and former patients dating back at least a decade.
MSK Group sent Local 24 the following statement:
Because this event has been reported to law enforcement authorities and is the subject of an ongoing law enforcement investigation, we are unable to discuss any further details. I do want to underscore that we hired expert security consultants to investigate, mitigate and assess the extent of this event, and we do not believe that any patient or employee records were actually removed from our computer network. However, out of an abundance of caution for our patient's privacy, we are offering Identity Theft Protection services, free of charge, to our patients and employees. More information on this event and the free Identity Theft Protection services is available on our website at MSKGroup.org.
Kimble L. Jenkins
A cyber security expert at the University of Memphis could not speak specifically on this latest round of security concerns, but he said data breaches and cyberattacks are happening all the time. Often, we are not aware of it.
"What information, how it will be used depends on what kind of groups are looking at this and how they can monetize those things," said Dr. Dipankar Dasgupta, a computer science professor at the University of Memphis.
Dasgupta said, in general, as the healthcare industry stores more information digitally, there is a need to reprioritize security.
"How many copies are there? Who has the access? All of these things are really fuzzy. All of the things need to be kept track of to keep things safe," said Dasgupta.
MSK Group said law enforcement and security experts are investigating the possible breach.
If you received a letter you are urged to take it seriously and follow the instructions.