Cyber Incident Victim: McAllen Surgical Specialty Center

On May 14, 2021, McAllen Surgical Specialty Center in Texas detected a ransomware attack on its computer systems. The organization immediately engaged third-party computer forensics specialists to investigate the security breach. Forensic analysis revealed that unauthorized individuals had gained access to certain computers and servers two days earlier, on May 12, 2021, and deployed ransomware. The center successfully blocked further unauthorized network access on May 14, the same day the attack was discovered. A comprehensive investigation followed to determine the extent of compromised systems and potential data exposure. By July 22, 2021, investigators concluded that patient information stored on affected servers and computers had potentially been accessed during the intrusion. The compromised data included varying combinations of patient names, addresses, Social Security numbers, dates of service, health insurance details, provider names, patient numbers, and medical record numbers.

McAllen Surgical Specialty Center initiated patient notification procedures on September 20, 2021, mailing breach notices to affected individuals. The organization reported the incident to the Department of Health and Human Services' Office for Civil Rights as impacting 29,227 patients. While no evidence of actual data theft or misuse was identified, the center advised patients to monitor their accounts and insurance statements for fraudulent activity. Internal reviews of existing security policies and procedures were initiated to strengthen defenses against future breaches. The ransomware attack remained contained following the May 14 network access termination, with no subsequent unauthorized access reported through the investigation period.