Central Florida Hand Specialists, a medical practice in Orlando, Florida, suffered a cyberattack by the RHYSIDA ransomware group on July 8, 2025. The attackers claimed to have breached the organization’s internal network, exfiltrated sensitive patient data, and threatened to publish it on the dark web. Compromised data includes personally identifiable information (PII) such as names, dates of birth, contact details, driver’s license/state ID copies, Social Security numbers, and protected health information (PHI) like medical records, insurance details, and payment information. The breach poses severe risks, including identity theft, financial fraud, and unauthorized exposure of confidential health data. RHYSIDA, known for targeting healthcare providers, demanded ransom under the threat of leaking the stolen data. The medical practice has not yet issued a public response but is legally obligated to notify affected individuals and regulatory authorities.
Source: https://www.claimdepot.com/data-breach/central-florida-hand-specialists-2025
TPRM report: https://www.rankiteo.com/company/central-florida-hand-specialists
"id": "cen1863618090625",
"linkid": "central-florida-hand-specialists",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'healthcare',
'location': 'Orlando, Florida, USA',
'name': 'Central Florida Hand Specialists',
'type': 'medical practice'}],
'customer_advisories': ['Review any notice or communication from Central '
'Florida Hand Specialists.',
'Monitor for identity theft risks.',
'Exercise caution with unsolicited communications.'],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'high (includes SSNs, medical records, '
'and payment information)',
'type_of_data_compromised': ['PII',
'PHI',
'medical records',
'financial data']},
'date_publicly_disclosed': '2025-07-08',
'description': 'Central Florida Hand Specialists, a medical practice based in '
'Orlando, Florida, experienced a cyberattack by the RHYSIDA '
'ransomware group. The group claimed to have exfiltrated '
'sensitive patient data, including PII and PHI, and threatened '
'to publish it on the dark web if ransom demands were not met. '
'The breach was disclosed on the dark web on July 8, 2025, '
'with sample screenshots provided as proof of access. The '
'compromised data may include names, dates of birth, contact '
"details, driver's license or state ID copies, Social Security "
'numbers, medical records, insurance information, and possibly '
'payment information.',
'impact': {'brand_reputation_impact': 'high (potential public exposure of '
'sensitive healthcare data)',
'data_compromised': ['personally identifiable information (PII)',
'protected health information (PHI)',
'names',
'dates of birth',
'contact details',
"driver's license or state ID copies",
'Social Security numbers',
'medical records',
'insurance information',
'payment information'],
'identity_theft_risk': "high (exposure of SSNs, driver's licenses, "
'and other PII)',
'legal_liabilities': ['potential state and federal disclosure '
'requirements',
'notification obligations to affected '
'individuals'],
'payment_information_risk': 'potential (payment information may '
'have been compromised)',
'systems_affected': ['internal network']},
'initial_access_broker': {'data_sold_on_dark_web': 'threatened (publication '
'if ransom unpaid)',
'high_value_targets': ['patient PII',
'PHI',
'medical records']},
'investigation_status': 'ongoing (no public statement from Central Florida '
'Hand Specialists as of the disclosure date)',
'motivation': ['financial gain', 'extortion'],
'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'RHYSIDA'},
'recommendations': ['Monitor financial accounts and credit reports for signs '
'of identity theft.',
'Consider placing fraud alerts or credit freezes with '
'major credit bureaus.',
'Be cautious of unsolicited emails or phone calls '
'requesting personal information.'],
'references': [{'source': 'Claim Depot (via dark web listing by RHYSIDA)'}],
'regulatory_compliance': {'regulatory_notifications': ['state disclosures '
'(pending)',
'federal disclosures '
'(pending)',
'individual '
'notifications '
'(pending)']},
'response': {'communication_strategy': ['required state and federal '
'disclosures',
'notification to impacted individuals '
'by mail']},
'threat_actor': 'RHYSIDA ransomware group',
'title': 'Ransomware Attack on Central Florida Hand Specialists by RHYSIDA '
'Group',
'type': ['ransomware', 'data breach']}