Cyber Incident Victim: Live Oak Surgery Center
Date:
Aug 2022
Location:
United States of America
Summary
Unauthorized access to two employee email accounts at Live Oak Surgery Center potentially exposed sensitive information belonging to 5,264 patients. The breach involved compromised data including names, financial account and payment card details, dates of birth, medical and health insurance records, passport numbers, Social Security numbers, driver's license identifiers, and login credentials with passwords. While the organization found no evidence of information misuse following its investigation, it notified affected individuals and implemented enhanced security protocols to safeguard data.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Between August 10 and September 27, 2022, an unauthorized third party gained access to two employee email accounts at Live Oak Surgery Center in Plano, Texas. The intrusion was detected during this period, though the exact date of initial discovery remains unspecified in public reporting. The surgery center conducted an investigation that concluded on November 17, 2022, confirming the compromise and determining that sensitive patient information stored within one of the breached email accounts had potentially been viewed or exfiltrated. The compromised data included names, dates of birth, Social Security numbers, driver's license numbers, passport numbers, financial account information, payment card details, medical information, health insurance data, and usernames with corresponding passwords. This breach impacted 5,264 patients whose information resided in the affected email account. The center did not disclose technical specifics regarding how the email accounts were compromised or whether multi-factor authentication was in use at the time of the incident. No evidence suggested the attackers moved laterally beyond the two email accounts within the organization's network.
Live Oak Surgery Center initiated breach notification letters to all affected individuals on January 3, 2023, more than four months after the intrusion period ended and six weeks after concluding their investigation. The notification explicitly stated the organization had no awareness of any actual misuse of the exposed patient data as of that date. In response to the incident, the surgery center implemented unspecified additional security measures designed to enhance information protection, though technical details of these measures were not publicly documented. The compromised email accounts contained a broad spectrum of sensitive patient data rather than being limited to a single category, significantly expanding potential risks for identity theft, financial fraud, and medical privacy violations among affected individuals. The center maintained operational continuity throughout the investigation and remediation phases without reporting any service disruptions attributable to the breach.