Menu
Browse

Dr. Kristin Tarbet's Plastic Surgery Center

Primary URL Location Industry
kristintarbetmd[.]com
Country United States of America
Healthcare Icon
Healthcare
Profile

Dr. Kristin Tarbet's Plastic Surgery Center is a United States‑based medical practice that provides cosmetic and reconstructive plastic surgery procedures to patients seeking aesthetic enhancement or functional restoration. The center offers a range of services that may include facial rejuvenation, body contouring, breast surgery, and reconstructive interventions following trauma or illness, consistent with the scope of a private plastic surgery clinic. As a healthcare provider, the organization collects and maintains protected health information such as patient names, birth dates, medical histories, treatment details, insurance records, and Social Security numbers, which are stored in electronic clinical and administrative systems. These systems support appointment scheduling, clinical documentation, and payment processing, as evidenced by the types of files compromised in the 2020 ransomware incident. The practice operates within the ambulatory care sector, focusing on outpatient surgical services and adhering to the regulatory requirements that govern US healthcare entities, including the Health Insurance Portability and Accountability Act (HIPAA).

In May 2020, the center experienced a significant cybersecurity breach when the Maze ransomware group infiltrated its network, exfiltrating a substantial volume of sensitive data despite the group’s previously announced moratorium on attacking healthcare organizations. The attackers obtained clinical measurements, appointment logs, payment processing passwords, and extensive protected health information, potentially affecting thousands of individuals whose records were stored in the compromised files. This incident highlighted the vulnerability of the practice’s information technology infrastructure and underscored the risks associated with storing large volumes of personal and financial data in digital form. Following the breach, the organization faced public scrutiny regarding its data protection practices and the potential impact on patient privacy. While the center’s ownership structure and any parent or subsidiary relationships are not disclosed in the available sources, its status as a private plastic surgery practice remains evident from the nature of its services and the breach context. The event serves as a reminder of the importance of robust cybersecurity measures for healthcare providers that handle highly sensitive patient information.

Incidents
Linked incidents available to members
1 incident