Florida Lung, Asthma & Sleep Specialists Data Breach Impacts 10,000 People

Florida Lung, Asthma & Sleep Specialists (FLASS) experienced a data breach that has affected approximately 10,000 individuals in the United States. The breach was first made public on the dark web on May 20, 2025, by the ransomware group RHYSIDA. The attackers claimed to have infiltrated FLASS’s systems, stolen sensitive data, and threatened to publish the information within days.

The breach was later reported to the U.S. Department of Health and Human Services (HHS) on July 9, 2025.

This ransomware attack targeted the organization’s network, likely encrypting files and exfiltrating data. The full scope of the compromised data has not been publicly disclosed, but the involvement of a ransomware group and the threat to publish data on the dark web indicate the breach is severe and could have lasting implications for affected individuals.

The HHS breach disclosure confirms that 10,000 people were impacted by this incident.

FLASS' response

FLASS responded to the breach by notifying federal authorities and initiating an internal investigation to determine the extent of the compromise. While specific details about the resources provided to affected individuals have not been disclosed, it is standard practice for healthcare organizations to offer credit monitoring and identity theft protection services after such incidents. Affected patients are encouraged to monitor their financial accounts and credit reports for any signs of suspicious activity. Additionally, patients should be vigilant for phishing attempts or fraudulent communications that may reference their healthcare information.

Given the ransomware nature of the attack, individuals should also be cautious about sharing personal information online and consider placing a fraud alert or credit freeze with major credit bureaus.