OAG Data Breach Exposed 750,000 Patients

CaseyGerry is investigating a cyber security incident reported by Oregon Anesthesiology Group P.C. (OAG). The data breach may have compromised sensitive data of at least 750,000 patients and 522 current and past employees of the company.

According to the company’s notice of breach, OAG became aware of the attack on July 11, 2021 and were locked out of their systems shortly after. On October 21, 2021, their investigation into the incident showed that a hacking group gained access to their systems through a vulnerability in a third-party platform used by the company.

Through this vulnerability, the hackers accessed a range of sensitive data of patients and employees of the company.

Exposed patient information includes:

• Name
• Date of birth
• Address

Health-related information like:

• Diagnosis
• Medical record and insurance ID numbers
• Insurance provider names and dates of service.

OAG employees were also impacted by the breach. Sensitive identifying and financial information was exposed in the attack including, names, addresses, Social Security numbers, and W-2 information.

If you are a current or past patient, or employee of Oregon Anesthesiology Group, and have received notification of the breach, please contact our experienced attorneys at (619) 238-1811 to explore your legal options.