Skip to main content
health care professional

Otolaryngology Associates Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach.

The Lyon Firm is investigating data breach claims reported by Otolaryngology Associates, LLC, an ear, nose and throat practice group with thirteen Indiana locations. The healthcare entity reported the incident to the U.S. Department of Health and Human Services, noting that the breach possibly affected 316,802 individuals. Contact our legal team for a free case review and to learn more about filing a class action claim.

What Happened at Otolaryngology Associates?

On February 17, 2024, Otolaryngology Associates (OA) discovered that they were the target of a criminal cyberattack. OA discovered the attack shortly after it occurred, but they were apparently unable to prevent the hackers from accessing and obtaining sensitive patient data.

On February 20 and 21, 2024, the alleged hacker sent three communications to OA claiming to have stolen personal data and threatened to leak the stolen data to the public.

While the investigation could not determine the exact files that were viewed or taken, the company believes it is likely that Protected Health Information (PHI) and other personal information of patients and staff may have been compromised.

Otolaryngology Associates is a healthcare provider based in Indiana with 13 locations in central Indiana, making it one of the largest private practice Ear, Nose, and Throat groups in the country. OA provides treatment for allergies, sinusitis, ear infections, pediatric ENT care, and other medical conditions.

What OA Patient Data was Compromised?

Otolaryngology Associates determined that an unauthorized party may have accessed the following this sensitive information on or about February 17, 2024:

  • Name
  • Address
  • Social Security number
  • Date of birth
  • Medical information
  • Health insurance information
  • Treatment information
  • Medical record number
  • Bank account and payroll information

For OA clinic staff, impacted information could also include bank account and payroll information. OA has mailed notification letters to all potentially affected patients and employees.

If you are contacted by Otolaryngology Associates regarding the recent data security incident, it is prudent to stay vigilant and watch your financial and medical accounts closely. To learn more about the risks of medical identity theft and to discuss filing a class action claim with our data breach lawyers, call for a free consultation.