Mid South Pulmonary & Sleep Specialists 2025 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
Mid South Pulmonary & Sleep Specialists Breach (2025): Patient SSN Exposed
Pulmonary medicine and sleep disorder clinic.
Verified by ObscureIQ Intelligence
94/100Breach Risk Index
22Data Value
80Market Recency
69dSince Breach
Breach Intelligence Summary
Entity: Mid South Pulmonary & Sleep Specialists · Actor: Anubis · Sources: 2 references
Attack: Unknown
Profile: Healthcare provider · Pulmonary and sleep medicine services · Specialty clinic network · USA
Timeline: Breach (2025-11-28) · Indexed (Feb 17, 2026) · Year (2025)
Exposure: 43K records · 3 fields: Full Name, Phone Number, Social Security Number
Status: Reported
Executive Summary
Mid-South Pulmonary & Sleep Specialists, P.C., a pulmonary, critical care, and sleep medicine practice based in Memphis, Tennessee, was named on November 28, 2025 as a victim of the Anubis ransomware operation. Anubis posted the practice on its dark-web leak site, identifying the incident as a patient data breach. The breach surfaced publicly through dark-web monitoring services in mid-February 2026, with class-action investigations by U.S. plaintiff law firms organizing shortly after. The breach affected approximately 43,000 individuals based on records indexed by breach-tracking services. Compromised fields included names, phone numbers, and Social Security numbers. As a pulmonary, sleep medicine, and critical care practice, the underlying records exfiltrated by the attackers also include patient identity, insurance, billing, sleep-study results, pulmonary-function test data, intensive-care discharge summaries, and respiratory-condition diagnoses typical of a specialty pulmonary operation, beyond the more limited field set surfaced publicly. For affected patients, the practical risk profile combines identity-fraud exposure with respiratory-care-specific risks. The combination of name and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms a pulmonary, sleep, or critical-care relationship and may reference specific diagnoses such as sleep apnea, COPD, or pulmonary hypertension, which can support medical-themed phishing referencing real treatments or insurance claims. Patients with sleep apnea diagnoses face additional risk concerning commercial driver's license and FAA medical certification status. Patients who received intensive care services at Methodist Healthcare, Baptist East, or St. Francis hospitals through Mid-South Pulmonary intensivists may have their ICU care histories included in the affected records. Affected individuals should freeze credit at all three U.S. bureaus, monitor health-insurance statements, and treat unsolicited contact referencing Mid-South Pulmonary, related hospitals, or pulmonary care with caution.
ObscureIQ assessment: Severe risk of identity theft, medical fraud, and privacy harm. Sleep and respiratory treatment context can also support highly targeted healthcare scams.
Breach Impact
The institutional impact on Mid-South Pulmonary is meaningful given the practice's regional scale and the size of the affected patient population. Federal HIPAA notification obligations, an Office for Civil Rights review, Tennessee attorney-general filings, and emerging class-action litigation discussions are all underway. As a regional specialty practice with hospital-affiliated intensivist responsibilities, Mid-South Pulmonary's breach response affects relationships with Methodist Healthcare, Baptist East Hospital, and St. Francis Hospital where the practice's physicians provide ICU services. The reputational impact is concentrated within the Memphis-area pulmonary and sleep-medicine market, where the practice has been a leading provider since 1989. Operationally, the practice continues to provide patient services and ICU coverage at affiliated hospitals.
About Mid South Pulmonary & Sleep Specialists
Mid-South Pulmonary & Sleep Specialists, P.C. is a pulmonary, critical care, and sleep medicine private practice based in Memphis, Tennessee, founded in 1989. The practice operates from a primary location at 5050 Poplar Avenue and serves patients across the Mid-South region of western Tennessee, northern Mississippi, and eastern Arkansas. Mid-South Pulmonary employs approximately seventeen board-certified physicians and ten advanced practice providers, with subspecialty focus including pulmonary medicine, sleep medicine, and critical care intensivist services. The practice's physicians serve as intensivists in the intensive care units of Methodist Healthcare hospitals, Baptist East Hospital, and St. Francis Hospital. Annual revenue is approximately $15.1 million. As a HIPAA-regulated specialty medical practice, Mid-South Pulmonary maintains substantial volumes of protected health information including patient identity, insurance, billing, appointment, diagnostic, and treatment records, alongside sleep-study results from its Methodist Healthcare-affiliated sleep disorders center and pulmonary-function test data.
Why They Hold Your Data
Pulmonary and sleep-medicine practices collect patient identity, contact, insurance, billing, appointment, and treatment records across specialty care operations.
Recent Developments
Mid-South Pulmonary & Sleep Specialists was named on November 28, 2025 as a victim of the Anubis ransomware operation, which posted the practice on its dark-web leak site identifying the breach as a patient data incident. The breach surfaced publicly through dark-web monitoring services in mid-February 2026. The practice has not publicly detailed the incident as of this writing, and U.S. plaintiff law firms began organizing class-action investigations in late February 2026. Anubis has been active in the U.S. healthcare sector throughout 2025, with confirmed victims also including AllerVie Health.
Data Points Exposed
3 verified field types
Full Name High
Phone Number
Social Security Number Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:High
Primary downstream threats:
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
Threat vectors:
- Name-based social engineering
- SIM swapping, vishing & SMS phishing
- Full identity theft & synthetic identity fraud
Threat Actor: Anubis
Anubis
Unknown
Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.
Recommended Actions
If you believe your information may be included:
Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the Mid South Pulmonary & Sleep Specialists breach?▾
Mid-South Pulmonary & Sleep Specialists, P.C., a pulmonary, critical care, and sleep medicine practice based in Memphis, Tennessee, was named on November 28, 2025 as a victim of the Anubis ransomware operation. Anubis posted the practice on its dark-web leak site, identifying the incident as a…
What data was exposed?▾
Verified fields include Full Name, Phone Number, Social Security Number.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation