Cyber Incident Victim: Fairfield County Implants and Periodontics

Fairfield County Implants and Periodontics (FCIP) discovered a compromised email account on March 2, 2022, initiating a data security incident affecting 10,502 individuals. The unauthorized access exposed sensitive patient information stored within the email account, including Social Security numbers and health insurance details. FCIP did not specify the exact timeframe during which the account was compromised or the method of initial access beyond classifying it as an email security incident. The discovery prompted immediate action to secure the affected account and investigate the scope of the breach. No evidence suggested data exfiltration or removal of personal information from FCIP’s systems, though the presence of sensitive data in the compromised account created significant exposure risks.

FCIP began notifying impacted patients following the investigation, outlining the types of exposed information and potential risks. The practice offered affected individuals free identity theft protection services to mitigate potential harm from the disclosure of sensitive identifiers. FCIP publicly committed to implementing additional safeguards to strengthen its email security posture, though specific technical or procedural changes were not detailed in available reports. The incident underscored vulnerabilities associated with email-based data storage and the consequences of unauthorized account access in healthcare settings. Regulatory reporting and patient notification processes were completed in accordance with breach disclosure requirements following the March 2022 discovery.