DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Sunflower Medical Group notifies 220,968 of December cyberattack by Rhysida

Posted on March 11, 2025 by Dissent

Sunflower Medical Group has notified 220,968 people of a December attack by Rhysida.

According to their submission to the Maine Attorney General’s Office and their notification letter to those affected, the Kansas-based group of independent physicians detected the attack on January 7, 2025. Investigation revealed that it had occurred on December 15, 2024.

The day they reportedly detected the attack is the same day that Rhysida added Sunflower to its dark web leak site with proof of claims and a demand f0r 10 BTC.

Rhysida subsequently leaked what they described as more than 400,000 driver’s licenses, insurance cards, SSN, and other files — including an Sql database that was more than 3 TB.

Sunflower’s notification informs patients that “The type of information varied by individual but may have included one or more of the following: name, address, date of birth, Social Security number, driver’s license number, medical information, and health insurance information.” They added, “We have no evidence to believe that your personal information has been misused for the purpose of committing fraud or identity theft. Nonetheless, we are writing to advise you about the incident and to provide you with guidance on what you can do to protect yourself, should you feel it is appropriate to do so.”

Would people “feel it is appropropriate to do so” if they had been told their data was now freely available on the dark web to anyone who wanted to download it?

When Rhysida leaked the data, they claimed they had 7.6 TB, consisting of 5,277,062 files. DataBreaches examined the data leak and found that entire backups were included, as well as folders with driver’s licenses and insurance cards. Databreaches also noted folders with patient complaints and other correspondence concerning named patients.

This incident does not yet appear on HHS’s public breach tool, and the number reported is for the total number of people affected, as reported to Maine. The number of patients affected may be the same or it may be some subset of that total.

 

 

 

Center for Digestive Health provider name, Social Security number, date of birth,
and health information. 0===> 122437 to Maine in March 2025 4/1/2024. Disc 5/7/24 518 BianLian FL hack LEAKED

Gastroenterology Associates of Central Florida, P.A. dba Center for Digestive Health (“the Clinic” or “we”) is writing to
inform you of a recent data security incident that may have resulted in unauthorized access to your sensitive personal
information. The personal information involved may have been related to care you received at the Clinic and/or the Center
for Digestive Endoscopy. While the Clinic is unaware of any fraudulent misuse of your personal information at this time,
we are providing you with details about the incident, steps we are taking in response, and resources available to help you
protect against the potential misuse of your information. Please be assured that the Clinic takes the protection and proper
use of your personal information very seriously.

2.2 TB leaked

BianLian reported:
Data description:

A physical and medical history examination.
Accounting, budget, financial data.
Contract data and NDA’s.
Accidents.
Files from CFO PC.
Operational and business files.
Email and msg archives.

Letter to Maine reported: name, Social Security number, date of birth,
and health information.

https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/24a40045-82cd-41d5-87de-9d000c3357ec.html

Notice of Data Security Incident

Category: Health Data

Post navigation

← Attorney General James Sues National General and Allstate Insurance for Failing to Protect New Yorkers’ Personal Information
Center for Digestive Health notifies patients of April 2024 cyberattack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)
  • Private Industry Notification: Silent Ransom Group Targeting Law Firms
  • Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated
  • PA: York County alerts residents of potential data breach
  • FTC Finalizes Order with GoDaddy over Data Security Failures

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.