DES MOINES, Iowa — Des Moines Orthopedic Surgeons is notifying patients that their personal information may have been stolen after the medical facility suffered a security breach in February 2023.
In a letter to patients, DMOS said an “unauthorized actor” was able to access and remove certain DMOS files. The medical facility said it became aware of the stolen information in December 2023, and started notifying patients in January.
The letter also included DMOS’s investigation into the types of data stolen. Its investigation shows that patient data obtained may have included individuals’ full name and address, as well as date of birth, state ID number, social security number, drivers license number, medical information, health insurance information, and direct deposit bank information.
DMOS advises patients to take steps toward protecting themselves, like credit monitoring, fraud alert, and security freezes.
Doug Jacobson, director of Iowa State University’s Cybersecurity Innovation and Outreach, said this breach is one of the worst he’s seen, and said that the stolen data is “everything you’d want as a thief.”