Alabama Ophthalmology Associates reports large breach affecting over 131K
Abby Grifno
Apr 30, 2025 5:08:30 PM

Earlier this month, the ophthalmology center provided notice of a large breach impacting individuals throughout Alabama.
What happened
Alabama Ophthalmology Associates (AOA) reported a data breach to the Department of Health and Human Services’ (HHS) Office of Civil Rights on April 8th, 2025. According to the report, the breach impacted 131,576 individuals and was caused by a hacking incident related to an employee's computer and AOA’s network server.
Impacted data included patient names, dates of birth, Social Security numbers, health insurance information, treatment information, medical record numbers, and medical history information.
Going deeper
AOA posted a notice online with more details of the breach. The center said the impacted data generally belonged to current and former patients.
The breach itself dates back to January 30th, 2025, when AOA became aware of “unusual activity within its network.” On discovering the issue, AOA immediately brought in a digital forensics and incident response firm to determine what data may have been impacted. AOA also took steps to secure its network.
The investigation determined that an unknown actor had accessed the network between January 22nd and January 30th, 2025. AOA also “undertook a comprehensive review of the impacted data to identify the individuals and information involved,” which concluded on March 19th, 2025. AOA began notifying impacted individuals on April 7th. The ophthalmology center only notified individuals who had a current, active address in AOA’s system.
The bottom line
Every data breach is a reminder for organizations everywhere to be consistently vigilant in maintaining and updating their cybersecurity systems and procedures. Unfortunately, breaches are becoming more common, yet many organizations still lack the proper tools and knowledge to prevent them. Human error, such as simply clicking a malicious link or sending an unencrypted email, can be costly and devastating. Automating these tasks with tools like Paubox can easily prevent breaches and ultimately save an organization’s wallet and reputation.
FAQs
What happens if someone is the victim of multiple data breaches?
Becoming the victim of multiple breaches can increase an individual’s likelihood of having their data on the dark web. Often, a single breach will only result in certain information being stolen. For example, one breach may result in someone’s name and address being accessed. A second breach of the same individual may result in a leaked Social Security number, name, and phone number. When a malicious actor combines these pieces of data, they can more easily commit fraud or identity theft.
Why does it take so long to learn about a data breach?
Data breaches can be difficult to spot and often go undetected for months. Once a breach is detected, it may take several more months to investigate the incident and determine what data was accessed. All in all, it can sometimes take over a year for patients to be made aware of a data breach incident.