The Vascular Experts 2025 Data Breach

The Vascular Experts Surgical Practice Breach (2025): 154K Patient Records Including Medical Diagnoses, SSN & DOB Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

INC RansomRansomware / ExtortionMedicalDate of BirthEmail AddressFull NameHealth InsuranceMedical DiagnosisPhone NumberPhysical Address
High SeverityWebsite / service breach

The Vascular Experts Surgical Practice Breach (2025): 154K Patient Records Including Medical Diagnoses, SSN & DOB Exposed

Vascular surgery and vein care practice.

Verified by ObscureIQ Intelligence
87/100Breach Risk Index
60Data Value
40Market Recency
344dSince Breach

Breach Intelligence Summary

Entity: The Vascular Experts · Actor: INC Ransom (INC_RANSOM) · Sources: 2 references
Attack: Ransomware / Extortion
Profile: Healthcare provider · Vascular and surgical care · Specialty medical practice · USA
Timeline: Breach (2025-05-07) · Year (2025)
Exposure: 154K records · 8 fields: Date of Birth, Email Address, Full Name, Health Insurance, Medical Diagnosis, Phone Number, Physical Address, Social Security Number
Status: Confirmed

Executive Summary

Suspicious activity was first identified on May 7, 2025 on the IT systems of the Southern Connecticut Vascular Center, part of The Vascular Experts. The INC Ransom (INC_RANSOM) group claimed responsibility for the ransomware attack. The organization confirmed the personal and medical information of more than 154,000 individuals was compromised, including full names, addresses, phone numbers, Social Security numbers, dates of birth, detailed medical/treatment information, and health insurance details. The Vascular Experts engaged forensic experts, notified law enforcement, and began notifying affected individuals; multiple class actions followed. The breach is catalogued by DataBreach.com. (Note: prior record count of 9,806 was a partial parse; the confirmed figure is 154,000+.)

ObscureIQ assessment: Severe risk of identity theft, medical fraud, and privacy harm. Specialty-care data can also support targeted scams related to procedures, treatment, or billing.

Breach Impact

The breach exposed identity, contact, and clinical data, including Social Security numbers, dates of birth, and detailed treatment and insurance information, for more than 154,000 patients with serious cardiovascular conditions. The exposure creates substantial identity-theft, medical-fraud, and privacy risk, adds credibility to treatment- and billing-themed scams, and has generated significant class-action liability.

About The Vascular Experts

The Vascular Experts is a network of board-certified vascular surgeons providing vein care and vascular surgery across Connecticut, operating locations including the Southern Connecticut Vascular Center. It maintains patient identity, insurance, billing, imaging, and treatment records tied to specialty cardiovascular and vascular care.

Why They Hold Your Data

Specialty vascular practices collect patient identity, contact, insurance, billing, appointment, and treatment records tied to surgical and vascular care workflows.

Recent Developments

Following the May 2025 ransomware attack, The Vascular Experts investigated with third-party firms, notified law enforcement, and began notifying more than 154,000 affected individuals. Several class-action lawsuits have since been filed alleging inadequate data-security measures.

Data Points Exposed

8 verified field types
Date of Birth High
Email Address
Full Name High
Health Insurance
Medical Diagnosis Critical
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Medical identity fraud and insurance abuse using treatment and insurance data
  • Identity theft and synthetic identity construction using SSN and DOB
  • Identity verification bypass using name + date of birth
  • Targeted phishing and vishing referencing vascular/surgical care
  • Doxxing and physical targeting from exposed home addresses
Threat vectors:
  • Medical extortion, insurance fraud & discrimination
  • Full identity theft & synthetic identity fraud
  • Identity verification bypass
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat

Threat Actor: INC Ransom (INC_RANSOM)

INC Ransom (INC_RANSOM)
Ransomware / Extortion

Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the The Vascular Experts breach?

Suspicious activity was first identified on May 7, 2025 on the IT systems of the Southern Connecticut Vascular Center, part of The Vascular Experts. The INC Ransom (INC_RANSOM) group claimed responsibility for the ransomware attack. The organization confirmed the personal and medical information of…

What data was exposed?

Verified fields include Date of Birth, Email Address, Full Name, Health Insurance, Medical Diagnosis, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation