A Des Moines orthopedic surgeon known as DMOS recently notified patients of a possible data breach involving their personal information. Patients like Kathryn Smith received a letter from DMOS in January stating that the breach occurred in February 2023. “We experienced a security incident on or about February 2023.” On February 17, 2023, a DMOS vendor failure allowed an unauthorized attacker to access certain DMOS “I was able to access and delete the files,” the letter states. Smith said receiving a notice of infringement 11 months later is unacceptable. “Why did it take an entire year for patients to realize that they were infected and that their information may have been stolen?” Smith said in the letter. of the possible breach and said it discovered the unauthorized deletion of patient files in December. This discovery then led to the January mailing. She also said she told recipients what they could do to protect their personal information. Smith said this is a responsibility and she shouldn’t lie to her or other patients. “Why should I be proactive?” she said. “They know what information has been stolen and whose information has been stolen.” The breach includes full names, addresses, dates of birth, information contained on driver’s licenses and state IDs, and more. contained personal information, including medical and health insurance information. In a release, DMOS said there is no evidence that any information was used for fraud or identity theft. KCCI reached out to her DMOS for comment but did not receive a response. Get the latest headlines from KCCI » Download the free Her KCCI app to stay informed Go: Apple | Google Play
A Des Moines orthopedic surgeon known as DMOS recently notified patients of a possible data breach involving their personal information.
Patients like Kathryn Smith received a letter from DMOS in January stating that the breach occurred in February 2023.
“On or around February 17, 2023, a security incident occurred in which a DMOS vendor failure allowed an unauthorized attacker to access and delete certain DMOS files from certain systems within our network. ‘, the letter states.
Smith said receiving a notice of infringement 11 months later is unacceptable.
“Why did it take a whole year for me to realize I was infected and to inform my patients that their information may have been stolen?” Smith said.
DMOS said in the letter that it notified the FBI of the possible breach and discovered the unauthorized deletion of patient files in December.
This discovery then led to the January mailing.
We also told recipients what they could do to protect their personal information, such as placing a fraud alert or security freeze on their credit files.
Smith said that shouldn’t put the blame on her or other patients.
“Why should I be proactive?” she said. “They know what information was stolen and whose information was stolen.”
The breach included personal information such as names, addresses, dates of birth, information contained in driver’s licenses and state IDs, and medical and health insurance information.
DMOS said at the time of the release of the letter, there was no evidence that any information was used for fraud or identity theft.
KCCI reached out to DMOS for comment, but received no response.
Get the latest headlines from KCCI
» Download the free KCCI app and get updates on the go: Apple | Google Play
