Fort Worth Brain & Spine Institute disclosed a ransomware attack in February 2025 affecting 89,000 patients. PHI including diagnosis codes, treatment records, and insurance information was compromised.
The ransomware was delivered via phishing that targeted the billing department. Credential compromise led to encryption of the EMR and billing systems. The exfiltrated data included sensitive neurology and spine diagnosis codes.
Sentinel ($89/ep/mo) — 24/7 SOC + SIEM. Fortress ($109/ep/mo) — Sentinel + EDR management + vulnerability management. Command ($129/ep/mo) — Fortress + vCISO + compliance mapping + IR plan.
| Regime | Standard / Citation | Gap Identified |
|---|---|---|
| HIPAA | 45 CFR §164.308(a)(5) | Security awareness — billing staff targeted by phishing; no documented simulation program |
| HIPAA | 45 CFR §164.312(a) | Access control — billing staff had access to clinical diagnosis records beyond minimum necessary |
| TDPA | Tex. B&C Code §521.053 | 89,000 TX patient notifications required |
CoreRecon cites verifiable public sources only. No speculation on unverified attribution is published. Threat actor attribution appears only where publicly confirmed by law enforcement or the organization.
Free $2,500 security posture assessment for Texas organizations. We map your gaps against the same attack vectors used in this incident. No contract, no commitment.