Posted On May 4, 2023 Consumer Privacy & Data Breaches
May 4 – After discovering they were the target of a cyberattack, Murfreesboro Medical Clinic & SurgiCenter (MMC) issued a warning on May 2, 2023. Patients were warned to monitor their data for suspicious activity in light of the company’s notification, but no leak was yet confirmed. MMC claims that this breach may have exposed consumers’ names, ages, phone numbers, driver’s license numbers, Social Security numbers, email addresses, prescription information, treatment information, and insurance information. MMC began delivering data breach notification letters to all persons affected by the recent data security issue after it was confirmed that personal data was compromised.
Data breach lawyers at Console & Associates, P.C. are now looking into the incident at Murfreesboro Medical Clinic & SurgiCenter. If you have received a breach notification from MMC and are worried about identity theft and what steps you may take to protect yourself, we are happy to meet with you at no cost to discuss your legal options, including whether you are able to pursue a lawsuit against the company.
Murfreesboro Medical Clinic & SurgiCenter, with headquarters in Murfreesboro, Tennessee, is one of 7 facilities around the state. There are 110 doctors working in 20 different specialties at this doctor-owned clinic. Murfreesboro SurgiCenter, which has been around since 1949, currently has about 500 employees and a yearly income of over $17.1 million.
On May 2, 2023, Murfreesboro SurgiCenter announced on its website that it had been the target of a cyberattack on April 22, 2023. The organization took immediate action by locking down its network, alerting authorities, and engaging external data security experts to investigate the breach and ascertain the nature of any exposed patient information, as well as putting a temporary stop to all work.
While the MMC looks into the matter, the company stresses that it has not yet confirmed whether or not any patient data was leaked. Patients and staff at MMC are urged to keep an eye out for unauthorized use of their personal information, though.
According to the company’s investigation, the information that may have been compromised includes but is not limited to names, dates of birth, phone numbers, driver’s license numbers, Social Security numbers, emails, prescription information, treatment information, and insurance information. MMC has stated that financial information, like credit card numbers and bank account numbers, is not stored on its system.
If MMC informs you of a data breach, it implies that sensitive information about you may have been compromised. This private information could be used in a number of harmful ways by hackers. Social Security numbers are often targeted in cases of identity theft and fraud. It’s also feasible that criminals may purchase this information via the dark web. If hackers gain access to even the most basic information about you, they may use this knowledge to commit additional crimes. Victims have the right to know their legal options and how to best defend themselves.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Murfreesboro Medical Clinic & SurgiCenter data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a portion of the notice posted on their website:
On April 22, 2023, Murfreesboro Medical Clinic & SurgiCenter (“MMC”) was the victim of a sophisticated criminal cyberattack. In response, we rapidly initiated an emergency shut down of our network to limit the spread of the attack within our systems and those of our technology partners. Since that time, we have been working with law enforcement agencies and third-party experts to identify the source and scope of the attack in order to restore normal clinic operations. Our first priority was to contain the incident and protect our patients and employees.
In conjunction with law enforcement, we continue to investigate the incident while also taking action on our infrastructure to, hopefully, prevent any further attacks. With the quick detection by our technology experts, we believe we have been able to limit the impact of this criminal attack. We are currently in the process of restoring our systems safely with enhanced security features and controls. While that process is being undertaken, MMC has closed all operations and hopes to open on a limited basis on Wednesday, May 3rd, with the rest of our operations coming online shortly thereafter.*
Joey Peay, CEO of MMC, states: “Preserving sensitive patient and employee information is of the utmost importance to MMC, but like so many other organizations around the country and despite its best efforts, MMC has found itself as the target of criminals attempting to steal personal or company data. I want to thank our patients and employees for their understanding and patience while we work to make sure our computer infrastructure is secure and free of any harmful software.”
We have worked diligently to communicate closures with all patients in a timely manner using all methods of communication at our disposal. Future updates regarding clinic operations will be posted to our website, social media platforms, and through emails and phone calls directly to patients. We apologize for the vagueness of our recent communications, but we did not want to do anything that would impede law enforcement’s investigative efforts.
While we have not confirmed that any specific patient, employee, or corporate data was accessed or removed from our network, patients and employees of MMC are encouraged to monitor their personal data for any misuse. Personal data could include names, enrollment information such as group name, identification number, claims or treatment information such as claim numbers, dates of service, procedures, prescription information, dates of birth, email addresses, phone numbers, driver’s license numbers, and, in some cases, social security numbers. Please note that MMC does not store credit card or bank account information within its network.
For over 70 years, MMC has been dedicated to caring for our community. We have faced countless challenges over the years including natural disasters, a world-wide pandemic, and now, a highly sophisticated cyberattack. With your continued support, we will overcome this criminal attack on MMC as we continue our commitment to the health of our community!
