Central Ozarks Medical Center Data Breach Exposes SSNs

Central Ozarks Medical Center, a Federally Qualified Health Center serving mid-Missouri, recently experienced a data breach that has compromised PII and PHI of patients. The breach was the result of a criminal cyberattack that targeted the organization’s systems.

The incident was first identified when Central Ozarks Medical Center detected unauthorized access to its network. With the help of third-party cybersecurity experts, the organization quickly moved to secure its systems and launched a thorough investigation.

The types of information exposed in the breach include names, dates of birth, Social Security numbers, financial account information, medical treatment details and health insurance information.

11,818 total individuals have been affected by the breach, including one Massachusetts resident.

Central Ozarks Medical Center notified the Massachusetts Office of Consumer Affairs and Business Regulation as well as the U.S. Department of Health and Human Services. The company has also posted a detailed notice to consumers on its website.

Central Ozarks Medical Center's response

In response to the breach, Central Ozarks Medical Center has taken several steps to protect affected individuals and prevent future incidents. The organization engaged cybersecurity professionals to assist with the investigation and has implemented a series of cybersecurity enhancements, with additional improvements planned.

Given the sensitive nature of the data involved, affected individuals should remain vigilant by regularly reviewing their financial and health care account statements, monitoring credit reports, and being alert for any suspicious activity.

To support those whose information may have been compromised, Central Ozarks Medical Center is offering at least 12 months of free credit monitoring and related services through IDX.

Affected individuals are encouraged to contact the dedicated call center at 833-816-6531, Monday through Friday, 9 a.m. to 9 p.m. Eastern time, to determine if their information was involved and to enroll in these protective services.