Arizona Urologist Reports Breach Affecting 73,000 Patients

Author

Taylor Hawes
February 18, 2026

From the Editor’s Desk

Over the past week, regulators in the United States and Europe continued to tighten scrutiny on data handling and third-party risk. At the same time, ransomware groups have shifted toward data theft and extortion rather than system lockouts. The pattern is clear: exposure risk is rising even when core systems remain online. Are your monitoring tools focused only on uptime, or also on silent data exfiltration?

🔎 Deep Brief

Arizona Urologist Reports Breach Affecting 73,000 Patients

An Arizona-based urology practice disclosed a data breach affecting roughly 73,000 individuals. According to Comparitech, exposed data included Social Security numbers, medical records, and financial information. The breach stemmed from unauthorized access to the provider’s systems, with attackers obtaining highly sensitive personal and healthcare data. Healthcare remains a frequent target due to the resale value of medical records and the operational pressure providers face. Notifications have been issued, and affected individuals are being offered credit monitoring services.

Incidents of this nature highlight the compounded risk when medical, identity, and financial data reside in the same environment. Healthcare entities remain subject to federal and state reporting rules, and breaches involving Social Security numbers often trigger stricter notification requirements.

Takeaway

Healthcare organizations must treat identity data, financial information, and clinical records as a unified high-risk asset class. Network segmentation, privileged access controls, and continuous monitoring are no longer optional controls in medical environments.

Put your emails on autopilot, and your business results in overdrive.

Marketing that runs itself? Yeah, that’s a thing now.

Constant Contact has automation tools that run in the background so you don’t have to. Emails, texts, offers — they go out exactly when you want them to, without needing to hit send every time.

Want to make customers feel seen? Use an automation template to send birthday wishes. Trying to boost sales? Set up an abandoned cart email — it’s a friendly reminder that often leads to actual purchases. Got customers who’ve gone MIA? Send a promo or offer to bring them back.

Are you ready to stop spending time on repetitive stuff? Then give Constant Contact’s automation tools a try. It’s free to get started, and honestly? It’s kind of a game changer.

🧠 Strategy in Action

Coupang’s Cybersecurity Crossroads

Coupang faced intense scrutiny after a massive customer data breach exposed deep structural weaknesses. Reports indicate that 33.67 million customer records were compromised, including 148 million shipping addresses. In a country of roughly 52 million people, the scale suggests that most households were affected. Given that minors cannot open accounts, the breach likely touched a large share of the adult population. The incident raised serious concerns about cybersecurity readiness at a company that conducts the vast majority of its business in South Korea.

Takeaways: 

The broader lesson is consistent across markets: companies operating at national scale must align growth with robust data protection controls, executive accountability, and transparent public engagement..

🕵️ Threat Actor Spotlight

APT29

APT29, also known as Cozy Bear, is a state-linked threat group associated with Russia. This group has conducted cyber espionage campaigns targeting government agencies, diplomatic entities, healthcare, and technology firms. APT29 is known for stealthy operations, spear-phishing campaigns, and the use of custom malware to maintain long-term access.

The group gained global attention for its role in high-profile supply chain intrusions and credential theft campaigns. Its tradecraft emphasizes persistence, privilege escalation, and data exfiltration while minimizing detection.

Security teams defending against APT29-style activity must prioritize email filtering, multifactor authentication, identity monitoring, and detection of anomalous lateral movement within networks.

🛠️ Tool Check

Application Performance Management Tools

We reviewed leading Application Performance Management (APM) platforms to help IT teams monitor application health, latency, and user experience. The guide compares tools based on deployment options, observability depth, automation features, and integration with cloud and hybrid systems.

Solutions such as distributed tracing platforms, synthetic monitoring tools, and full-stack observability suites allow organizations to detect performance degradation before users are affected.

For IT decision-makers, the choice often depends on infrastructure complexity, compliance needs, and the level of automation required. Strong APM deployment not only improves uptime but also helps detect unusual system behavior that may indicate security compromise.

🗣️ Community Signal

Security teams face constant blitzes — phishing, ransomware, new regulations, nonstop attacks. There’s no halftime, no timeouts. 🏈 Just like football, strong fundamentals and preparation make all the difference. No one is exempt from a cyberattack, and the organizations that accept that reality are the ones best positioned to defend and protect. In cybersecurity, the next snap is always coming — the only question is whether you’re on offense or defense. Colleen Rudisill, Angel Investor.

📚 Don’t Miss This

Advertise with Comparitech
Does your business offer services or products in cybersecurity? Get your product seen by IT leaders and professionals.

Advertise with us →

Until Friday’s edition - Let’s keep that zero-day count at zero!