Data breaches have been announced by Gardner Orthopedics in Florida, Blue Cross and Blue Shield of Massachusetts, Health Care and Rehabilitation Services of Southeastern Vermont, Retina Associates of Cleveland, and Clement Manor in Wisconsin.Gardner Orthopedics, Florida—————————-Gardner Orthopedics in Fort Myers, Florida, has recently determined that the protected health information of 47,000 patients was potentially compromised in a recent cyberattack. While not described as a ransomware attack, the Inc Ransom ransomware group claimed responsibility and added Gardner Orthopedics to its dark web data leak site on May 15, 2025, along with samples of the stolen data.Gardner Orthopedics detected the intrusion on April 29, 2025, and engaged third-party cybersecurity experts to contain the incident and determine the nature and scope of the unauthorized activity. The company also rebuilt the affected systems and strengthened security. Data had been backed up, and the backups were unaffected, so data could be recovered, and the network was rebuilt and restored within a week. Information potentially compromised in the incident included names, addresses, dates of birth, Social Security numbers, medical records, treatment information, and health insurance information.Blue Cross and Blue Shield of Massachusetts——————————————-Blue Cross and Blue Shield of Massachusetts (BCBSM) members are being notified about a security breach at one of its vendors, Cierant Corporation, a printing and mailing vendor. On December 10, 2024, a hacker exploited a vulnerability in the Cleo VL Trader tool, which is used by Cierant for secure file transfers. The hacker obtained files that contained names, addresses, and limited protected health information of 4,855 BCBSM members. When the hacking incident was detected, Cierant ceased use of Cleo VLTrader, rotated passwords, and took several other steps to enhance network security. Cierant is issuing notification letters to the affected individuals and has offered complimentary credit monitoring and identity theft protection services.Health Care and Rehabilitation Services of Southeastern Vermont—————————————————————Health Care and Rehabilitation Services of Southeastern Vermont has discovered that two employee email accounts have been accessed by unauthorized individuals. Suspicious activity was identified within its email environment on December 20, 2024. Immediate action was taken to prevent further unauthorized access, and an investigation was launched to determine the nature of the activity.The investigation confirmed that the accounts had been accessed by an unauthorized third party between December 4, 2024, and December 9, 2024, and the forensic review confirmed that the accounts contained employee and client information. The exposed information varied from individual to individual and may have included some or all of the following: first and last name, date of birth, Social Security number, financial account number, and driver’s license number. Protected health information in the accounts included dates of treatment/service, health insurance information, medical history, patient number, medical record number, billing information, and treatment information. Health Care and Rehabilitation Services of Southeastern Vermont has mailed notification letters to the affected individuals and is taking steps to improve email security.Retina Associates of Cleveland, Ohio————————————Retina Associates of Cleveland, Inc. has recently disclosed an email incident that was identified on February 5, 2025. The investigation revealed the account was accessed by an unauthorized individual between January 9 and February 5, 2025. The account was reviewed to determine whether any patient information had been exposed, and that process has recently been completed.The protected health information of 3,604 individuals was found in emails and attachments, which could have been viewed or copied. The types of information involved varied from individual to individual and may have included a patient’s name in combination with some or all of the following: address, phone number, email address, date of birth, Social Security number, driver’s license or state identification number, Medicare or Medicaid number, medical record number, health insurance member number, diagnosis/treatment information, procedures, medical histories, allergies, prescription information, lab test results/medical images, admission dates, treatment dates, treatment locations, healthcare provider name, treatment cost, and/or financial account number.Retina Associates of Cleveland said it has no reason to believe that any of the exposed information has been or will be misused; however, the affected individuals have been advised to monitor their accounts and explanation of benefits statements for suspicious activity. Notification letters were mailed to the affected individuals on June 20, 2025.Clement Manor, Wisconsin————————Clement Manor, a senior retirement village in Greenfield, Wisconsin, experienced a cyberattack on or around April 14, 2025. The incident was described as ‘a network disruption that affected its ability to access certain systems,’ which suggests ransomware was used to encrypt files, although ransomware was not mentioned in the substitute notification letter.Third party cybersecurity experts were engaged to investigate the incident, and it was determined that sensitive data may have been accessed or acquired, including first and last names, addresses, dates of birth, driver’s license numbers, Social Security numbers, diagnoses/conditions, medication information, health insurance information, provider names, other treatment information, and/or financial account information.Clement Manor reported the incident to law enforcement, has implemented additional cybersecurity measures to prevent further incidents, and the affected individuals are being offered complimentary credit monitoring and identity theft protection services. The file review is ongoing, so the total number of affected individuals has yet to be determined. An interim figure of 500 affected individuals has been provided to the HHS’ Office for Civil Rights, and the total will be updated when the file review is concluded.The post [Gardner Orthopedics Ransomware Attack Affects 47,000 Patients](https://www.hipaajournal.com/gardner-orthopedics-ransomware-attack/) appeared first on [The HIPAA Journal](https://www.hipaajournal.com).
Related Tags:
GOLD IONIC
NAICS: 524 – Insurance Carriers And Related Activities
NAICS: 621 – Ambulatory Health Care Services
NAICS: 62 – Health Care And Social Assistance
NAICS: 623 – Nursing And Residential Care Facilities
NAICS: 52 – Finance And Insurance
NAICS: 622 – Hospitals
Blog: Hipaa Journal
Phishing: Spearphishing Attachment
Associated Indicators: