Cyber Incident Victim: Gore Medical Management
Date: Feb 2021
Location: United States of America
Summary
A Georgia medical management organization experienced a data breach involving unauthorized access to files containing personal information of approximately 79,100 patients. The compromised data included names, addresses, dates of birth, and Social Security numbers, though no healthcare or financial records were accessed. Federal authorities discovered the stolen information on an external computer system unaffiliated with the organization, prompting notification months after initial detection. The entity identified and closed the intrusion vector used by the attacker, who did not penetrate its primary medical records database. Affected individuals were offered complimentary identity protection and credit monitoring services for one year following the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In November 2020, the FBI notified Gore Medical Management, operating as Family Medical Center in Georgia, that patient files had been discovered on an unauthorized third-party computer system unrelated to the medical practice. The stolen data contained personally identifiable information of 79,100 individuals, including names, addresses, dates of birth, and Social Security numbers. Notably, the compromised files did not include healthcare treatment records or financial information such as insurance or payment details. The medical center reported the breach to the U.S. Department of Health and Human Services on February 8, 2021, publicly disclosing the incident through a website notice. Forensic investigation determined that the attacker did not infiltrate the organization's primary medical records database to acquire the data, instead exploiting a separate access point into the system. Gore Medical Management identified and disabled this unauthorized access vector several months following the initial breach discovery, though the exact intrusion timeline prior to the FBI's November notification remains unspecified in public disclosures.

The exposed personal information created significant privacy risks for affected patients, including potential identity theft and financial fraud. In response, Gore Medical Management initiated a remediation effort by offering all impacted individuals one year of complimentary identity protection and credit monitoring services. The organization's public notice emphasized the containment of the breach through elimination of the compromised access point but did not detail specific security enhancements implemented post-incident. No evidence suggested misuse of the stolen data at the time of disclosure, though the presence of Social Security numbers in the exfiltrated files elevated potential long-term risks for victims. The medical center coordinated with federal law enforcement throughout the investigation while maintaining standard clinical operations without reported disruption.
