Ransomware cyber

Pittsburgh Gastroenterology Associates

Jan 12, 2026 2 min read
Pittsburgh Gastroenterology Associates

Pittsburgh Gastroenterology Associates, a medical group specializing in digestive health, fell victim to a ransomware attack by the Sinobi group in August 2025. The attackers claimed unauthorized access to the organization’s systems and exfiltrated sensitive patient and employee data, including names, addresses, Social Security numbers, medical records, health insurance details, and payment information (including card numbers with CVV codes). The breach exposed thousands of current and former patients and employees to risks of identity theft, fraud, and misuse of medical information. The group was listed on a dark web leak site, where the ransomware actors threatened to publish or sell the stolen data if demands were not met. The incident necessitates federal and state disclosures, along with individual notifications to affected parties. The scale and nature of the compromised data spanning personal, financial, and protected health information pose severe reputational, operational, and legal consequences for the organization.

Source: https://www.claimdepot.com/data-breach/pittsburgh-gastroenterology-associates-2025

TPRM report: https://www.rankiteo.com/company/pittsburgh-gastroenterology-associates

"id": "pit42104242092625",
"linkid": "pittsburgh-gastroenterology-associates",
"type": "Ransomware",
"date": "8/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 'Thousands (current and former '
                                              'patients and employees)',
                        'industry': 'Healthcare (Digestive Health)',
                        'location': 'Pittsburgh, Pennsylvania, USA',
                        'name': 'Pittsburgh Gastroenterology Associates',
                        'type': 'Medical Group'}],
 'customer_advisories': ['Review notices from Pittsburgh Gastroenterology '
                         'Associates.',
                         'Visit the medical group’s website for updates.'],
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 'Thousands (exact number '
                                              'unreleased)',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (PII, PHI, payment data)',
                 'type_of_data_compromised': ['Personal Information (names, '
                                              'addresses, phone numbers, dates '
                                              'of birth)',
                                              "Government-Issued IDs (driver's "
                                              'license, state ID copies)',
                                              'Social Security Numbers',
                                              'Health Insurance Details',
                                              'Medical Records',
                                              'Payment Information (card '
                                              'numbers with CVV codes)']},
 'date_publicly_disclosed': '2025-08-20',
 'description': 'Pittsburgh Gastroenterology Associates, a medical group '
                'specializing in digestive health, experienced a major data '
                'breach and ransomware attack by the Sinobi group. The '
                'attackers claimed unauthorized access to the organization’s '
                'systems and exfiltrated sensitive patient and employee data, '
                'including personal, health, and payment information. The '
                'number of affected individuals is believed to be in the '
                'thousands. The group is required to issue state and federal '
                'disclosures and notify affected individuals by mail.',
 'impact': {'brand_reputation_impact': True,
            'data_compromised': True,
            'identity_theft_risk': True,
            'legal_liabilities': True,
            'payment_information_risk': True,
            'systems_affected': True},
 'initial_access_broker': {'data_sold_on_dark_web': True,
                           'high_value_targets': ['Patient data',
                                                  'Medical records',
                                                  'Payment information']},
 'investigation_status': 'Ongoing (notification phase)',
 'motivation': ['Financial Gain', 'Data Theft', 'Extortion'],
 'ransomware': {'data_exfiltration': True},
 'recommendations': ['Monitor financial accounts and credit reports for signs '
                     'of identity theft.',
                     'Place fraud alerts or credit freezes with major credit '
                     'bureaus.',
                     'Be cautious of unsolicited emails or phone calls '
                     'requesting personal information.'],
 'references': [{'source': 'Claim Depot (via dark web leak site posting)'}],
 'regulatory_compliance': {'regulatory_notifications': ['State disclosures',
                                                        'Federal disclosures']},
 'response': {'communication_strategy': ['State and federal disclosures',
                                         'Mail notifications to affected '
                                         'individuals'],
              'incident_response_plan_activated': True},
 'threat_actor': 'Sinobi group',
 'title': 'Ransomware Attack on Pittsburgh Gastroenterology Associates by '
          'Sinobi Group',
 'type': ['Data Breach', 'Ransomware Attack']}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.