Gardner Orthopedics Data Breach Affects 47,000 Patients

Gardner Orthopedics LLC, a medical practice based in Fort Myers, Fla., has experienced a major data breach affecting 47,000 individuals. The incident has been classified as a ransomware attack, with the threat actor known as INC RANSOM claiming responsibility.

The cybercriminal group posted about the breach on their dark web portal on May 15, providing sample screenshots and asserting they had obtained sensitive organizational data. Compromised patient information included both personally identifiable information (PII) and protected health information (PHI).

Gardner Orthopedics disclosed the cybersecurity incident to the U.S. Department of Health and Human Services on June 24, 2025. Exposed information may include names, addresses, dates of birth, Social Security numbers, medical records, treatment information and health insurance details.

Gardner Orthopedics' response

In addition to required federal and state disclosures, Gardner Orthopedics will work to identify and notify affected individuals with the data breach details.

If you believe your personal and protected health information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Gardner Orthopedics
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

For more information about the practice and its services, visit the Gardner Orthopedics website.