DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Center for Digestive Health notifies patients of April 2024 cyberattack

Posted on March 11, 2025 by Dissent

In May, 2024, the threat actors known as BianLian added the Center for Digestive Health in Florida to their dark web leak site. In June, they leaked what they claimed was 2.2 TB of files that they described as:

  • A physical and medical history examination.
  • Accounting, budget, financial data.
  • Contract data and NDA’s.
  • Accidents.
  • Files from CFO PC.
  • Operational and business files.
  • Email and msg archives.

That was then.  This is now:

On March 6, the Maine Attorney General’s Office posted a breach submission by external counsel on behalf of Gastroenterology Associates of Central Florida, P.A. (dba the Center for Digestive Health). The submission indicated that 122,437 people were affected, and it included a copy of the notification letter being sent to those affected.

The notification stated that on April 11, 2024, the center detected abnormal activity in their IT network. An investigation revealed that an unauthorized individual or individuals had accessed and acquired files with patient information. The information included name, Social Security number, date of birth, and health information. In a notice on its website, the medical practice adds:

While the Clinic is unaware of any fraudulent misuse of your personal information at this time, we are providing you with details about the incident, steps we are taking in response, and resources available to help you protect against the potential misuse of your information. Please be assured that the Clinic takes the protection and proper use of your personal information very seriously.

Yet nowhere do they inform patients that data was leaked on the dark web months ago — or what kind of data was leaked on the dark web. Is any of it protected health information or personally identifiable information of patients?

A check of BianLian’s dark web leak site this week revealed  that the listing is still online as are the links to the data dump, but the links to the downloads are not working. Emails were sent to both the center and to BianLian (DataBreaches was unable to reach BianLian via their Tox account). No replies were immediately available, but this post will updated if more information becomes available.

 

Category: Breach IncidentsHackHealth Data

Post navigation

← Sunflower Medical Group notifies 220,968 of December cyberattack by Rhysida
Computers containing thousands of patients’ records stolen from Belfast hospital →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Investigation of 2024 Helsinki data breach – Report
  • Major trial underway for data leak that left 72,000 victims in France
  • Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
  • HealthEC Agrees to $5.48 Million Settlement to End Data Breach Lawsuit
  • US offering $10 million for info on Iranian hackers behind IOControl malware
  • Sompo Japan Insurance submits improvement plan after info leakage
  • Moreno Valley, Calif., Schools Report Data Breach
  • The Growing Cyber Risks from AI — and How Organizations Can Fight Back
  • UPDATING: Credit Control Corporation denies any current breach
  • Copilot AI Bug Could Leak Sensitive Data via Email Prompts

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DOJ Seeks More Time on Tower Dumps
  • Your household smart products must respect your privacy – including your air fryer
  • Vermont signs Kids Code into law, faces legal challenges
  • Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation
  • Anne Wojcicki Wins Bidding for 23andMe
  • Would you — or wouldn’t you?
  • New York passes a bill to prevent AI-fueled disasters

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.