Data breach on a cosmetic surgery practice impacts nearly 32k

Vitenas Cosmetic Surgery is notifying individuals of a large data breach that occurred earlier this year. 

 

What happened

According to a notice provided to the Vermont Attorney General’s Office, Vitenas Cosmetic Surgery recently experienced a data breach impacting approximately 31,852 individuals.

The breach was discovered by Vitenas on February 26th, 2025, when the IT team determined that an unauthorized third party attempted to infiltrate their computer network.  Once Vitenas learned about the incident, they immediately launched an investigation with the help of a third-party cybersecurity team. 

The investigation concluded on March 28th, 2025, and determined that some information was accessed or stolen, including names, dates of birth, Social Security numbers, driver’s license numbers, and health information.

 

Going deeper

According to Comparitech, the ransomware gang Kairos has claimed responsibility for the attack. DataBreaches.net contacted Kairos, who claimed they had accessed Vitenas through a “simple brute force attack.” The group also alleged that they had engaged in negotiations with Dr. Vitenas, the practice’s primary surgeon. 

Kairos claimed that they successfully stole 734 GB of data, including images of patients. On March 5th, Kairos added the plastic surgery clinic to its data leak site, including some data and photos as proof of the breach.

 

The bottom line

In response to the breach, Vitenas said they are working with cybersecurity experts “to analyze and enhance our internal security architecture to better protect the privacy and security of information in our systems, and to prevent a similar incident from occurring in the future.” 

While Vitenas is a relatively small practice in Houston, Texas, that does not make it any less vulnerable to attack. Every healthcare organization, no matter the size, must be vigilant in protecting their patients’ data. 

 

FAQs

What should impacted patients do after a data breach? 

Impacted patients should take the steps outlined in the breach notice they received from Vitenas, such as enrolling in credit monitoring services. Individuals should also carefully monitor their credit statements for any suspicious activity, especially if they have been a victim of other breaches. Multiple breaches can make individuals more susceptible to fraud or identity theft. 

 

Who is Kairos?

Kairos is a relatively new ransomware group that became active around July 2024. Since then, it’s added 30 victims to its data leak site. In the past, the gang has mostly targeted healthcare organizations but has also targeted other entities, like the government, schools, financial organizations, and construction companies. 

 

What is a brute force attack? 

A brute force attack is one that uses trial and error to access a network. For instance, a hacker may simply try numerous passwords until one works. Attackers frequently use automation to speed up this process.