On January 7, 2025, Sunflower Medical Group, P.A. (Sunflower) became aware of suspicious activity within its computer network. Sunflower promptly began an investigation, with the assistance of a leading cybersecurity firm. The investigation determined that an unknown third party accessed Sunflower’s systems on or about December 15, 2024, and, during that time, acquired copies of files from Sunflower’s systems.
Sunflower reviewed the identified accessed files and determined they contained the personal information of certain individuals. The type of information varied by individual but may have included one or more of the following: name, address, date of birth, Social Security number, driver’s license number, medical information, and health insurance information.
Sunflower sent letters to involved individuals for whom valid mailing addresses were available, including an offer of complimentary identity theft protection services for those whose Social Security numbers and/or driver’s license numbers were involved. To date, Sunflower has no evidence that personal information has been misused; however, as a precautionary measure, Sunflower recommends individuals remain vigilant to protect against potential fraud and/or identity theft by, among other things, reviewing account statements and monitoring credit reports.
Must Know Recalls of 2025
Sustainability as a Baseline in Healthcare Facilities
Comanche County Memorial Hospital and Southwestern Medical Center Join to Form Partnership
Choosing a Disinfectant That Kills Biofilm
Third-Party Data Breach Case Underscores Need for Cyber Risk Management