DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Center for Digestive Health notifies patients of April 2024 cyberattack

Posted on March 11, 2025 by Dissent

In May, 2024, the threat actors known as BianLian added the Center for Digestive Health in Florida to their dark web leak site. In June, they leaked what they claimed was 2.2 TB of files that they described as:

  • A physical and medical history examination.
  • Accounting, budget, financial data.
  • Contract data and NDA’s.
  • Accidents.
  • Files from CFO PC.
  • Operational and business files.
  • Email and msg archives.

That was then.  This is now:

On March 6, the Maine Attorney General’s Office posted a breach submission by external counsel on behalf of Gastroenterology Associates of Central Florida, P.A. (dba the Center for Digestive Health). The submission indicated that 122,437 people were affected, and it included a copy of the notification letter being sent to those affected.

The notification stated that on April 11, 2024, the center detected abnormal activity in their IT network. An investigation revealed that an unauthorized individual or individuals had accessed and acquired files with patient information. The information included name, Social Security number, date of birth, and health information. In a notice on its website, the medical practice adds:

While the Clinic is unaware of any fraudulent misuse of your personal information at this time, we are providing you with details about the incident, steps we are taking in response, and resources available to help you protect against the potential misuse of your information. Please be assured that the Clinic takes the protection and proper use of your personal information very seriously.

Yet nowhere do they inform patients that data was leaked on the dark web months ago — or what kind of data was leaked on the dark web. Is any of it protected health information or personally identifiable information of patients?

A check of BianLian’s dark web leak site this week revealed  that the listing is still online as are the links to the data dump, but the links to the downloads are not working. Emails were sent to both the center and to BianLian (DataBreaches was unable to reach BianLian via their Tox account). No replies were immediately available, but this post will updated if more information becomes available.

 

Category: Breach IncidentsHackHealth Data

Post navigation

← Sunflower Medical Group notifies 220,968 of December cyberattack by Rhysida
Computers containing thousands of patients’ records stolen from Belfast hospital →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)
  • Private Industry Notification: Silent Ransom Group Targeting Law Firms
  • Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated
  • PA: York County alerts residents of potential data breach
  • FTC Finalizes Order with GoDaddy over Data Security Failures

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.