Florida Lung 2025 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
Florida Lung, Asthma & Sleep Specialists Breach (2025): Patient SSN & Home Address Exposed
Pulmonary, sleep, and respiratory care practice.
Verified by ObscureIQ Intelligence
67/100Breach Risk Index
27Data Value
40Market Recency
251dSince Breach
Breach Intelligence Summary
Entity: Florida Lung · Actor: Rhysida · Sources: 2 references
Attack: Unknown
Profile: Healthcare provider · Pulmonary and respiratory care · Specialty clinic network · USA
Timeline: Breach (2025-05-20) · Indexed (Aug 19, 2025) · Year (2025)
Exposure: 26K records · 4 fields: Email Address, Phone Number, Physical Address, Social Security Number
Status: Reported
Executive Summary
Florida Lung, Asthma & Sleep Specialists, a Florida-based pulmonary and sleep-medicine practice operating five offices across the greater Orlando area, suffered a ransomware attack in May 2025 carried out by the Rhysida ransomware-as-a-service group. Rhysida claimed responsibility on May 20, 2025 by listing FLASS on its dark-web leak site and demanded a ransom of approximately six Bitcoin, worth approximately $639,000 at the time. The threat actor threatened to publish stolen patient data including Social Security numbers, medical records, and passport information. FLASS reported the breach to the FBI and to the U.S. Department of Health and Human Services on July 9, 2025. The breach affected approximately 10,000 individuals per the formal HHS notification, with breach-tracking services indexing approximately 26,000 records that may reflect the broader stolen archive. Compromised fields included names, dates of birth, contact information, Social Security numbers, home addresses, email addresses, phone numbers, and limited medical and billing information. As a pulmonary, asthma, and sleep medicine practice, the underlying records exfiltrated by the attackers also include sleep-study results, pulmonary-function tests, respiratory diagnoses, and treatment histories typical of a specialty respiratory practice. For affected patients, the practical risk profile combines identity-fraud exposure with respiratory-care-specific risks. The combination of name, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms a pulmonary or sleep-disorder care relationship and may reference specific diagnoses such as sleep apnea, COPD, or asthma management, which can support medical-themed phishing referencing real treatments or insurance claims. Patients with sleep apnea diagnoses are a particular concern because such diagnoses can affect commercial driver's license and FAA medical certification status, raising additional employment and licensing-related risk. Affected individuals should freeze credit at all three U.S. bureaus, monitor health-insurance statements, and treat unsolicited contact referencing FLASS, sleep studies, or respiratory care with caution.
ObscureIQ assessment: High risk of identity theft, medical fraud, and privacy harm. Specialty-care affiliation also improves the credibility of treatment and billing scams.
Breach Impact
The institutional impact on Florida Lung, Asthma & Sleep Specialists is meaningful given the practice's size and the breadth of stolen patient data referenced by the threat actor. Federal HIPAA notification obligations, an active Office for Civil Rights review, Florida attorney-general filings, and emerging class-action litigation discussions are all underway. Rhysida's public claim and threatened publication of stolen data, including reported claims of access to Social Security numbers, medical records, and passport information, creates direct evidence of broad data exposure that strengthens future litigation. The reputational impact is concentrated within the Orlando-area pulmonary-care market, where patient retention is consequential because of the long-term relational nature of pulmonary and sleep-disorder care. Operationally, the practice continues to provide patient services across its five offices.
About Florida Lung
Florida Lung, Asthma & Sleep Specialists (FLASS) is a U.S.-based pulmonary, asthma, and sleep medicine specialty practice operating five offices across the greater Orlando area in central Florida, with locations in Orlando, Winter Garden, Lake Nona, Poinciana, and Kissimmee. The practice provides pulmonary medicine, asthma management, and sleep-disorder diagnosis and treatment to a regional patient population in Orange, Osceola, and Polk counties. As a HIPAA-regulated specialty medical practice, FLASS maintains substantial volumes of protected health information including patient identity, insurance, billing, appointment, diagnostic, and treatment records, alongside sleep-study results, pulmonary-function test data, and respiratory-condition diagnoses.
Why They Hold Your Data
Pulmonary care providers collect patient identity, contact, insurance, billing, appointment, and treatment records across respiratory and clinical care workflows.
Recent Developments
Florida Lung, Asthma & Sleep Specialists experienced a network intrusion in May 2025 that was first identified through dark-web monitoring on May 20, 2025 when the Rhysida ransomware-as-a-service group claimed responsibility on its dark-web leak site. Rhysida demanded a ransom of approximately six Bitcoin, worth approximately $639,000 at the time, threatening to publish stolen patient data if payment was not made. FLASS reported the breach to the FBI and to the U.S. Department of Health and Human Services on July 9, 2025, and began notifying affected patients. The practice has not extensively detailed whether it paid the ransom. Class-action investigations by U.S. plaintiff law firms began organizing in mid-2025. Rhysida has been an active threat actor in the U.S. healthcare sector throughout 2025, with confirmed victims also including Cookeville Regional Medical Center, Heart South Cardiovascular Group, MedStar Health, MACT Health Board, and Spindletop Center.
Data Points Exposed
4 verified field types
Email Address
Phone Number
Physical Address High
Social Security Number Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:High
Primary downstream threats:
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat vectors:
- Phishing, credential stuffing & account takeover
- SIM swapping, vishing & SMS phishing
- Physical stalking, mail fraud & identity verification
- Home targeting, stalking & physical threat
- Full identity theft & synthetic identity fraud
Threat Actor: Rhysida
Rhysida
Unknown
Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.
Recommended Actions
If you believe your information may be included:
Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the Florida Lung breach?▾
Florida Lung, Asthma & Sleep Specialists, a Florida-based pulmonary and sleep-medicine practice operating five offices across the greater Orlando area, suffered a ransomware attack in May 2025 carried out by the Rhysida ransomware-as-a-service group. Rhysida claimed responsibility on May 20, 2025…
What data was exposed?▾
Verified fields include Email Address, Phone Number, Physical Address, Social Security Number.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation