
Cyber Incident Victim: Peachtree Orthopedics

Date: May 2016

Location: United States of America

Summary

Peachtree Orthopedic Clinic experienced a cyber intrusion attributed to TheDarkOverlord, compromising patient data including names, addresses, email addresses, birth dates, and in some instances treatment codes, prescription records, and Social Security numbers. The breach primarily affected individuals treated prior to mid-2014, with a limited number of later patients also impacted. The clinic initiated an investigation with forensic experts and the FBI upon confirmation of the incident, notifying affected patients through mailed letters and offering one year of complimentary identity protection and credit monitoring services. A dedicated call center was established to address patient inquiries during the ongoing inquiry.


Description

Peachtree Orthopedic Clinic in Atlanta experienced a cybersecurity incident involving unauthorized access to its computer systems, with the breach first being investigated in mid-2016. The clinic publicly confirmed the intrusion on September 22, 2016, though evidence suggested the compromise occurred earlier, potentially linked to activity by the threat actor known as TheDarkOverlord. Initial indications of the breach surfaced in late June 2016 when the attacker provided clues to a security researcher, prompting the clinic to launch an investigation with FBI assistance by August 15, 2016. Forensic analysis revealed that attackers accessed sensitive patient information including names, home addresses, email addresses, and dates of birth, with some records also containing treatment codes, prescription details, and Social Security numbers. The majority of affected patients had received care prior to July 2014, though a limited number of post-July 2014 patients were also impacted.


The clinic initiated response measures immediately upon confirming the breach, engaging digital forensic specialists and coordinating with federal law enforcement. Patient notifications began via mailed letters that outlined the compromised data types and offered one year of complimentary identity protection services with credit monitoring. A dedicated call center, reachable at (844) 801-5973, operated during business hours to address patient inquiries. CEO Mike Butler acknowledged the breach through a website statement emphasizing patient confidentiality concerns while noting the investigation remained ongoing. The disclosure highlighted potential risks of identity theft but did not specify technical details about the intrusion method or system vulnerabilities exploited. No ransomware demands or public data releases were referenced in the clinic's official communication regarding the incident.
