A new ransomware gang took credit for a data breach at Gateway Community, a rehabilitation clinic in Florida.
In June, Gateway Community began notifying 34,498 victims of an April 2025 data breach that compromised names, Social Security numbers, addresses, dates of birth, state-issued ID numbers, medical treatment info, and health insurance info.
Ransomware gang Payouts King claimed responsibility for the breach and said it stole 890 GB of data, including “thousands of PII and medical records, identity documents, full info!”
Gateway Community has not verified Payouts King’s claim. We do not know if Gateway paid a ransom, how much Payouts King demanded, or how attackers breached the company’s network. Comparitech contacted Gateway Community for comment and will update this article if it replies.
“GCS experienced a network security incident that involved an unauthorized party gaining access to our network environment on April 11, 2025,” says Gateway’s notice (PDF) to victims. “The forensic investigation determined that the unauthorized third party may have acquired certain data as a result of this incident.”
The notice says Gateway will offer eligible victims free credit monitoring and identity theft protection for 12 months.
Who is Payouts King?
Payouts King is a new ransomware group, and Community Gateway is one of its first confirmed victims. The group says it is not ransomware-as-a-service, which means it does not sell its services to affiliates. Instead, it operates independently, launches its own attacks, and collects its own ransoms.
In total, Payouts King has taken credit for 12 ransomware attacks, half of which hit organizations in the USA. Five are manufacturers, and three are healthcare-related.
Ransomware attacks on US healthcare
Comparitech researchers have logged 33 confirmed ransomware attacks on US hospitals, clinics, and other direct care providers in 2025 to date, compromising nearly 2 million records. Last year, 166 such attacks compromised more than 28 million records.
Other recently confirmed ransomware attacks on US healthcare include:
- Mainline Health Systems notified 101,104 people of an April 2024 data breach claimed by Inc
- Texas Centers for Infectious Disease Associates notified 19,776 people of a July 2024 data breach claimed by BianLian
- League Education & Treatment Center notified 825 people of a December 2024 data breach claimed by RansomHub
- VisionPoint Eye Center notified 66,926 people of an October 2024 data breach by unknown attackers
We’re tracking another 232 unconfirmed claims from 2024 and 2025 against US healthcare that haven’t been acknowledged by the targeted organizations.
Ransomware attacks on US hospitals, clinics, and other care providers can both steal data and lock down infected computer systems cripple critical systems and endanger the health, privacy, and security of patients. Hospitals must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk of fraud. Hospitals and clinics might have to resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.
About Gateway Community
Gateway Community is a drug, alcohol, and mental health rehabilitation clinic with five locations in Jacksonville, Florida. It has treated more than 300,000 people and employs 200 qualified health professionals, according to its website.
