The Dark Overlord Attacked Another Healthcare Provider SMART PT

Healthcare Data Breaches

After a few months of seeming inactivity, TheDarkOverlord (TDO) hacking group has declared yet another successful attack on healthcare company, SMART Physical Therapy (SMART PT) based in Massachusetts.

The hack apparently happened on September 13, 2017, but TDO announced the data theft on Twitter only on September 22, 2017. There was no mention regarding how TDO gained access to the data, though it was disclosed to that the hack took advantage of the system’s weak passwords. The complete database of patients was stolen according to the report.

DataBreaches was given the patient database and confirmed the hack. The database comprised a huge selection of data on 16,428 patients, which includes contact details, birth dates and Social Security numbers.

This was an attempt by TDO to extort. SMART PT received a ransom demand in Bitcoin, though the company did not and will not pay. According to SMART PT spokesperson Joanne Ponte, the company refuse to connect with the cyber criminals and agree to the extortion demands.

TDO hacked healthcare companies several times in the last two years, which included Little Red Door Cancer Services of East Central Indiana, Ca-based Dougherty Laser Vision, , Hand Rehabilitation Specialists, OC GastroCare, Tampa Bay Surgery Center, Athens Orthopedic Clinic and Aesthetic Dentistry. In a couple of cases, not responding to TDO’s emails and not giving their extortion demands ended in the dumping of patient information online.

Because the attack just happened in the last couple of days, the breach report is not yet submitted to the Department of Health and Human Services’ Office for Civil Rights. Patients have not received notification letters as well. SMART PT is now investigating the data breach and is carrying out its breach response standard protocol.


Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: