August 11, 2022:
Goodman Campbell learned on August 5, 2022, that the leak site used to share patient and employee information following the May 20 data breach has been reactivated by the attacker.
Written notification about the event was sent to impacted individuals following our investigation. This notification stated that some information acquired by the attacker was made available for approximately ten days on the dark web – a section of the internet that is commonly used in these types of attacks and cannot be viewed using a standard web browser or found by search engines.
This statement was accurate at the time the notification letters were sent on July 19. However, we have been notified by forensic experts and law enforcement officials that the stolen data is once again accessible on the attacker’s site. We understand that this is a difficult situation for individuals affected by the data breach. It is important to note that the notification letters sent to impacted individuals contain complimentary credit monitoring services that also include unlimited online access to identity theft prevention resources.
In addition to enrolling in the complimentary credit monitoring services, we encourage Goodman Campbell patients and staff to remain vigilant in monitoring financial institutions’ statements and credit reports for irregular or fraudulent activity. Some other actions individuals can take to protect their personal data can be found at https://goodmancampbell2020.welldonesite.com/2022/06/protecting-your-personal-data/.
If you have any questions or need assistance, please call 1-866-984-3033 between 9:00 am and 7:00 pm (EDT) Monday through Friday.
July 19, 2022:
As of July 19, 2022, Goodman Campbell has resumed all clinical operations. Additionally, our communication systems have been fully restored and patients can once again reach us using our email or phone directory system to directly connect with Goodman Campbell’s staff.
The results of our investigation into the May 20th cyber incident concluded that an unauthorized third party acquired information from our systems, including information regarding our patients and employees. Though we were not able to verify the full nature and extent of personal information that was compromised, we do know that the information accessed by the attacker included medical, financial, and demographic information relating to our patients. Notably, the attacker did not access our electronic medical record system, but was able to access patient information and records in other locations on our internal network, such as appointment schedules, referral forms, and insurance eligibility documentation. The information impacted may include: name, date of birth, address, telephone number, email addresses, medical record number, patient account number, diagnosis and treatment information, physician name, insurance information, date(s) of service, and Social Security number.
We are taking steps to provide written notification to impacted individuals identified during the course of our investigation. However, we encourage Goodman Campbell patients and staff to be vigilant in reviewing banking/financial account statements and credit reports for fraudulent or irregular activity. Some specific steps individuals can take to protect their personal data are available here.
Goodman Campbell Brain and Spine offers its sincere apologies for any inconvenience this incident may have caused. We value the trust that our patients and staff members place in us and take seriously our role in safeguarding the personal information in our care.
If you have any questions or need assistance, please call 1-866-984-3033 between the hours of 9:00 am and 7:00 pm (EDT) Monday through Friday.
June 17, 2022:
As of June 17, 2022, our phone systems have been restored and callers can once again use our phone directory system to directly reach Goodman Campbell’s staff.
Our main phone number 317-396-1300 will also continue to be staffed from 8:00 a.m. – 4:30 p.m., Monday through Friday. Goodman Campbell’s email system has not yet been fully restored so we are encouraging patients and doctors to contact us via phone. We appreciate the understanding of our patients, medical colleagues, and employees as we work to restore our systems.
While our investigation with forensic experts and law enforcement officials is still ongoing, we have determined that a number of files obtained by the cyber criminals during the course of this cyber-attack have been posted on the dark web. The dark web is a portion of the internet that cannot be found by search engines and is not viewable in a standard web browser so it is a very common platform for cyber criminals to use in these types of attacks. While we are still working to determine the full extent of data that may have been released, we know that some of the files posted contained sensitive patient and business information. The security of our patients’ and employees’ data is of the utmost importance, and we deeply regret that this attack on our systems occurred.
When our investigation into the cyber-attack is complete, we will be reaching out via U.S. mail to those impacted patients and staff members. In the interim, we encourage Goodman Campbell patients and staff to be vigilant in reviewing banking/financial account statements and credit reports for fraudulent or irregular activity. Some specific steps individuals can take to protect their personal data are available here.
June 3, 2022:
On May 20, 2022, Goodman Campbell Brain and Spine (Goodman Campbell) was the victim of a cyber-attack impacting our computer network and communications systems. Upon learning of this issue, we immediately took steps to secure our systems and engage a forensic analysis and incident response firm. These professionals are currently working with us to restore our affected systems, recover data, and eradicate any malicious activity from our systems. We have also notified the FBI cybercrimes division to assist with this case and are actively working with their ransomware experts.
Though we have not yet been able to verify the full nature and extent of personal data that may have been compromised, initial analysis indicates that both Goodman Campbell patient and employee data has been accessed by an unauthorized party. The security of our patients’ and employees’ data is of the utmost importance, and we deeply regret that this attack on our systems occurred. When our investigation into the cyber-attack is complete, we will be reaching out via U.S. mail to those impacted patients and staff members. Goodman Campbell is working diligently to address the impacts of the recent cyber-attack. Until our systems are fully restored, we are asking patients with urgent medical needs to call our main phone number 317-396-1300 to speak with an advanced practice provider from 8:00 a.m. – 4:00 p.m., Monday through Friday. We have established processes that permit us to care for our urgent patients until our systems are fully restored. We are committed to provide exceptional care to our patients, and will provide additional updates here as appropriate. We appreciate the understanding of our patients, medical colleagues, and employees as we work to restore our systems.
We do not have any additional details to share at this time, but we will update this website with relevant developments as the investigation continues. In the interim, we encourage Goodman Campbell patients and staff to be vigilant in reviewing banking/financial account statements and credit reports for fraudulent or irregular activity. Some specific steps individuals can take to protect their personal data are available below.
Anyone with concerns about their data should 1) monitor their credit reports, 2) obtain a fraud alert, and 3) place a security freeze on their credit.
How can I review my credit report?
Federal law requires credit reporting companies to give you a free credit report every 12 months if you request it. You can access your free credit report at www.annualcreditreport.com.
What is a fraud alert?
A fraud alert tells creditors to contact you personally before they open any new accounts.
How do I place a fraud alert on my account?
To place a fraud alert, you will need to contact any one of the three major credit bureaus (as soon as one credit bureau confirms your fraud alert, they will notify the others to place fraud alerts).
P.O. Box 105069
Atlanta, GA 30348
How long does a fraud alert last?
An initial fraud alert lasts one year and it is free; you may then renew the fraud alert.
Will a fraud alert stop me from using my credit cards?
No. A fraud alert will not stop you from using your credit cards or other accounts.
Can I still apply for a credit card or loan after I place a fraud alert on my credit report?
Yes, but the verification process may be more cumbersome. Potential creditors will receive a message alerting them to the possibility of fraud and that creditors should re-verify the identity of a person applying for credit.
How do I place a Security Freeze on my credit files and how much does it cost?
If you are very concerned about becoming a victim of fraud or identity theft, you may request a “Security Freeze” be placed on your credit file, at no cost to you. A security freeze prohibits, with certain specific exceptions, the consumer reporting agencies from releasing your credit report or any information from it without your express authorization. You may place a security freeze on your credit report by sending a request in writing, by mail, to all three nationwide credit reporting companies. To find out more on how to place a security freeze, you can use the following contact information:
Equifax Security Freeze
P.O. Box 105788
Atlanta, GA 30348
TransUnion Security Freeze
P.O. Box 2000
Chester, PA 19016
To place the security freeze, you will need to provide your name, address, date of birth, Social Security number and other personal information. After receiving your freeze request, each credit reporting company will send you a confirmation letter containing a unique PIN (personal identification number) or password. Keep the PIN or password in a safe place. You will need it if you choose to lift the freeze.
How should patients or staff report incidents of suspected or actual identity theft or fraud?
We encourage anyone who suspects identity theft or fraud to report the incident at www.identitytheft.gov, a federal resource for identity theft victims.