Cyber Incident Victim: Dyersburg Family Walk-In Clinic

Family Health Centers (FMC), a Texas-based operator of four primary care clinics in Amarillo and Canyon, detected suspicious network activity on July 26, 2022. The organization halted the incident on the same day it was discovered. FMC promptly engaged independent IT security and forensic specialists to investigate the nature and scope of the unauthorized activity. The forensic investigation could not confirm whether specific data was accessed or exfiltrated during the breach but could not eliminate the possibility of data exposure. This uncertainty led FMC to conclude that protected health information and personal data might have been compromised.

The breach potentially affected 233,948 individuals whose information was present on FMC’s systems at the time of the incident. Exposed data types included patient names, mailing addresses, Social Security numbers, dates of birth, and protected health information (PHI). FMC disclosed the breach to the U.S. Department of Health and Human Services (HHS) and published a notice on its website to inform impacted individuals. No evidence suggested misuse of the data as of the disclosure date, but the organization did not specify whether additional remediation efforts were undertaken beyond the initial containment and investigation. The incident highlighted vulnerabilities in the clinic network’s infrastructure without revealing technical specifics about the attack vector or duration of unauthorized access prior to detection.