Patient Notice

Home > Patient Notice

Website Notice to Patients

An unauthorized cyber intrusion was detected at our practice on June 25, 2025 potentially compromising the Personally Identifiable Information (PII) of up to 878 current and former patients. In response to what appeared to be a ransomware attack, we immediately locked down our network and ensured any external connections were terminated. We also disabled all accounts with access to remote desktop web access and we forced an office wide password reset at the same time. Further investigation revealed that our cybersecurity platform detected and effectively stopped movement of malicious activity across the network. As a result, the patient record platform was restored quickly and the archive data was not affected by the attack.

Through our investigation we determined that certain personal information of patients associated with our practice might have been accessed. The affected data may have included name, address, date of birth, social security number, and driver’s license number. However, the incident did not affect any patient Protected Health Information (PHI) such as treatment and payment information.

Following this attack, the thief contacted our office several times demanding that our staff manually activate malware files he left on our system, however our staff did not comply with his demands and the thief discontinued further efforts. There was also an isolated report from a patient that someone posing as an IT professional contacted her indicating that her personal information had been accessed, but the patient immediately hung up the phone and informed our staff. We are not aware of any additional suspicious activity since these incidents occurred. However at our direction, our IT support company has been conducting security inspections and continues to diligently monitor our system platform to protect against further breaches. We have also notified the U.S. Department of Health & Human Services (HHS) of this incident.

In the interest of protecting yourself, we advise you to call anyone of the three major credit bureaus below to place a fraud alert on your credit report. This can help prevent an identity thief from opening accounts in your name. Once the credit bureau confirms your fraud alert, the other two credit bureaus will automatically be notified to place alerts on your credit report, and all three reports will be sent to you free of charge.

  • Equifax: 1-800-525-6285; www.equifax.com; PO Box 740241, Atlanta, GA 30374-0241
  • Experian: 1-888-397-3742; www.experian.com; PO Box 9532, Allen, TX 75013
  • TransUnion: 1-800-680-7298; www.transunion.com; PO Box 6790, Fullerton, CA 92834-6790

When you receive your credit report, examine it closely and look for signs of fraud, such as credit accounts that are not yours. Even though you’ve established a fraud alert on your account, you should continue to monitor your credit reports to ensure no one has opened an account with your personal information. You are also encouraged to visit the Texas Attorney General website for more information about protecting against identity theft: https://www.texasattorneygeneral.gov/consumer-protection/identity-theft/help-prevent-identity-theft

We sincerely apologize for any concern this may have cause you, and also for the delay in concluding the investigation of this matter and contacting you about it. Protecting your privacy is extremely important to us and we regret that this occurred. If you have any questions about this matter, please don’t hesitate to contact us toll free at (888) 766-1488. Thank you.

    Sincerely,

    Tejas Patel, DMD
    Practice Owner

    © Cure Dental | Website Design by Thanksweb & SEO by Patient on Click
    Call Us Book Appointment