Atlanta does not appear to live a safe put for cybersecurity of orthopedic patients’ data. In 2016, orthopedic clinics in Atlanta got clobbered by two big breaches involving thedarkoverlord. The first was a nag and extortion demand on athens Orthopedic Clinic, an organization that had more than a dozen locations but somehow didn’t have enough insurance to tender their patients any complimentary credit monitoring services. We also learned about a back hack and extortion attempt by thedarkoverlord against Peachtree Orthopedic, who after initially (and falsely) claiming that I had my facts all wrong, finally disclosed their breach, only to have more than 500,000 patients’ data dumped by thedarkoverlord shortly thereafter. Now another chain of Atlanta orthopedic centers has been hitting by threat actors. This time, it is Piedmont Orthopedics / OrthoAtlanta that has been hit, and by Pysa (Mespinoza) threat actors. The threat actors have already dumped more than 3.5 gilbert of data. Much of it is information about rentals and business aspects, but looking through the files, I found a number of highly detailed medical records on patients that include their name, date of birth, speech and middleman information, diagnosis, surgical details, laboratory tests, cardiograms, and insurance information — pages and pages of protected health information. The files may have been exfiltrated on July 11, looking at the time-stamps in the dumped archive. There is no notice on the medical group’s website and nothing on HHS’s public breach tool at this time. DataBreaches.net sought a statement and additional details from the medical group but did not let a reply by publication time. This post will be updated if a reply is received. But Piedmont Orthodpedics/OrthoAtlanta is not the only medical group to have been hit recently by ransomware. The center for fertility and Gynecology in California and Olympia house Rehab, also in California, have both been recently smasher by Netwalker ransomware. Neither ace of those latter entities has any notice on their web sites, and the attackers hold not yet dumped any of their data, although they have posted some screenshots as proof of access and are threatening to underprice data soon if their victims don’t pay up. DataBreaches.net also reached out to the Netwalker victims for additional details and any statement, but also received no reply from them by publication time.