Data Security Incidents at Surgery Centers Affecting Patient Information

Severity: Medium (Score: 51.3)

Sources: Morningstar

Summary

Two surgery centers, Advanced Family Surgery Center and Northwoods Surgery Center, reported data security incidents involving unauthorized access to protected health information (PHI). The Advanced Family Surgery Center incident occurred around November 26, 2025, affecting a limited number of systems and potentially compromising patient names, addresses, and Social Security numbers. The Northwoods Surgery Center incident was discovered on September 8, 2025, and involved similar types of patient data. Both centers engaged third-party forensic experts to investigate the breaches and have implemented additional security measures. Neither center has evidence of actual misuse of the compromised information, but they have advised patients to monitor their accounts and offered support services. The Advanced Family Surgery Center has notified affected individuals via U.S. mail, while Northwoods Surgery Center is providing complimentary credit monitoring services. Key Points: • Two surgery centers reported data breaches affecting patient health information. • Both incidents involved unauthorized access to sensitive patient data, including Social Security numbers. • No evidence of misuse has been found, but both centers are taking precautionary measures.

Key Entities

• Data Breach (attack_type)
• Northwoods Surgery Center (company)
• Surgery Center Of Oak Ridge, LLC Dba Advanced Family Surgery Center (company)
• CWE-200 - Exposure of Sensitive Information (cwe)