Florida clinic notifies 16K people of data breach that exposed SSNs and medical histories

Mid-Florida Primary Care over the weekend confirmed it notified 16,435 people of a November 2024 data breach that compromised the following patient info:

  • Names
  • Social Security numbers
  • Dates of birth
  • Email addresses
  • Driver’s license numbers
  • Medical info including:
    • Medicare/Medicaid numbers
    • Health insurance plans and policy numbers
    • Diagnoses
    • Treatments
    • Medical histories
    • Allergies
    • Prescription info
    • Test results
    • Treatment locations

Ransomware gang BianLian took credit for the attack in December 2024. It claims to have stolen finance data, HR data, email correspondence, client data, and personal and health information.

BianLian lists Mid-Florida Primary Care on its data leak site.

Mid-Florida Primary Care has not verified BianLian’s claim. The clinic says the attack began in November 2024, but the breach wasn’t discovered until January 2025.

“On or around January 23, 2025, Mid-Florida became aware of suspicious activity within its network environment,” says Mid-Florida Primary Care’s notice (PDF) to victims. “The investigation revealed that certain information was accessed and copied without authorization between November 29, 2024, and December 11, 2024.”

We do not yet know if Mid-Florida Primary Care paid a ransom, how much BianLian demanded, or how attackers breached the clinic’s network. Comparitech contacted Mid-Florida Primary Care for comment and will update this article if it replies.

Mid-Florida is offering eligible victims at least 12 months of free credit monitoring and identity restoration through Equifax.

Who is BianLian?

BianLian, like some other ransomware groups, extorts victims for stolen data but does not encrypt targeted systems. It first started posting victims to its data leak site in late 2021.

In 2024, BianLian took credit for 46 confirmed ransomware attacks, compromising about 1.9 million records. Of those 46 attacks, 20 hit hospitals, clinics, and other healthcare organizations.

BianLian claimed responsibility for the following attacks:

BianLian has claimed another 117 unconfirmed attacks to date that haven’t been acknowledged by the targeted organizations.

Ransomware attacks on US healthcare

In 2024, Comparitech researchers logged 170 confirmed ransomware attacks on US hospitals, clinics, and other direct care providers. In 2025 to date, we’ve logged 53 such attacks compromising 3.4 million records.

Other recently confirmed ransomware attacks on US healthcare include:

  • Good Samaritan Health Center of Cobb reported a November 2024 data breach claimed by Qilin
  • West Texas Oral Facial Surgery notified 11,151 people of a May 2025 data breach claimed by Inc
  • WPM Pathology Laboratory notified 5,694 people of a November 2024 data breach claimed by Fog

Ransomware attacks on hospitals and clinics can lock down computer systems and steal data. In BianLian’s case, it’s most likely just the latter. Hospitals are forced to either pay a ransom or put customers at increased risk of fraud.

About Mid-Florida Primary Care

Mid-Florida Primary Care consists of two private clinics in Leesburg and Summerfield, Florida.