UT: Aspire Surgical notifying patients of data breach

Yet another one you probably hadn’t heard about yet.

From a substitute notice on their website dated February 2:

UT Specialty Dental Services, PLLC a/k/a Aspire Surgical announced today that it is notifying individuals whose information was involved in a recent cybersecurity incident.

On December 7, 2022, Aspire Surgical discovered a cybersecurity incident that impacted its IT systems.

The notice does not reveal when the incident occurred and is not clear whether protected health information was exposed to the unauthorized actor or exposed and exfiltrated. The types of information included name, patient account number, date of service,  and amount paid. “There was no evidence that medical treatment records, social security numbers or financial information for patients were exposed,” they write.

Aspire is offering complimentary credit monitoring and identity theft protection services through IDX.

The notice does not report how many patients are being notified. Because the incident has not yet appeared on HHS’s public breach tool or any publicly hosted state attorney general websites, we do not yet know the total number of patients affected.

As of the time of publication, this incident has not appeared on any of the leak sites routinely checked by DataBreaches. This post will be updated if the situation changes or more information becomes available.

Updated Feb. 15:  This has now appeared on HHS’s breach tool after Aspire submitted it to HHS on Feb. 3. The number of patients affected is reported as 5,327.

About the author: Dissent

Comments are closed.