Teton Orthopaedics reports ransomware attack exposing patient information

Teton Orthopaedics, a Wyoming-based orthopedic practice, is reporting a ransomware attack that compromised sensitive patient information. Teton Orthopaedics is a medical practice based in Jackson, Wyoming, specializing in orthopedic care, sports medicine, and musculoskeletal health services.

The security incident was identified as a ransomware attack that occurred on March 25, 2024. However, investigation revealed that unauthorized actors had maintained network access for an extended period between January 16, 2024, and March 25, 2024.

The healthcare provider has notified law enforcement, engaged external cybersecurity experts for investigation and performed a review of compromised files. Exposed data includes:

• Names
• Social Security numbers
• Financial account information
• Passport information
• Physical addresses
• Dates of birth
• Health insurance information
• Medical information
• Driver's license numbers
• Government ID numbers
• Payment card information

The exact number of affected individuals has not been publicly disclosed.

Update - as of 12th of January 2025, Teton Orthopaedics reports that the data breach impacted 13,409 people. The breach affected both patients and employees of the organization.

Teton Orthopaedics sent notification letters to affected individuals on December 13, 2024.