MedPeds Associates Breach Impacts 21,430 Patients Exposing PHI and PII

Published: March 17, 2026
Updated: March 17, 2026

MedPeds Associates of Sarasota, a primary care medical practice in Sarasota, Florida, has disclosed a ransomware attack that affected 21,430 people across the United States.

According to the company's notification to consumers, an unauthorized person gained access to its computer system on Sept. 2, 2025.

How the ransomware attack unfolded

On Sept. 2, 2025, an unknown person or entity gained access to the MedPeds computer system and placed a virus that encrypted the practice's data, according to the company's notification letter. The company stated that some patient data was affected and viewed by the intruder during the attack.

Two weeks later, on Sept. 16, 2025, a ransomware group known as Beast posted a claim on the dark web that it had obtained 400 gigabytes of data, including Social Security numbers and other sensitive data, from the organization.

MedPeds Associates stated that it worked with a forensic firm to restore its computer system and did not engage with the intruder. The practice also contacted the FBI and worked with the agency's cybersecurity department, according to the notification letter.

The personally identifiable information included names, dates of birth, home addresses and phone numbers. The protected health information included patient medical records. It's important to note that Beast claimed to have stolen Social Security numbers; this claim has not been confirmed yet in public disclosures.

In total, the breach affected 21,430 people in the United States. Of those, 15 were residents of Maine.

Steps to take if personal or medical information was exposed

Monitor Explanation of Benefits statements. Since medical records were exposed, individuals should carefully review any Explanation of Benefits (EOB) statements they receive from their health insurance provider. Unexpected medical charges or unfamiliar services could be a sign that someone is using stolen health information to obtain care or file fraudulent claims. Anyone who notices suspicious activity should contact their health plan directly.

Review credit reports regularly. Under federal law, consumers are entitled to one free credit report every 12 months from each of the three major credit reporting bureaus: Equifax, Experian and TransUnion. These reports can be obtained at AnnualCreditReport.com. Staggering requests throughout the year, one bureau every four months, can help individuals keep a closer watch on their credit activity over time.

Consider placing a fraud alert. A fraud alert tells creditors to take extra steps to verify a person's identity before opening new accounts. An initial fraud alert lasts one year and can be placed by contacting any one of the three major credit bureaus. That bureau will then notify the other two. The contact numbers are:

  • Equifax: 1-866-349-5191
  • Experian: 1-888-397-3742
  • TransUnion: 1-800-680-7289

Consider a security freeze. A security freeze prevents new credit accounts from being opened in a person's name. It is free to place and remove. However, individuals should be aware that a freeze will also temporarily block them from opening new accounts until the freeze is lifted.

Watch for phishing attempts. After a data breach, scammers sometimes send emails, texts or phone calls that reference the breach by name to trick people into sharing more personal information. Individuals should be cautious of any unexpected communications claiming to be from MedPeds Associates or related organizations. It is always safer to contact the company or IDX directly using the phone number provided in the official notification letter.

Report suspicious activity. Anyone who suspects identity fraud can file a report with local law enforcement. Suspected identity theft can also be reported to the Federal Trade Commission at 1-877-438-4338.

Contact IDX for assistance. Affected individuals are encouraged to call IDX at 1-888-201-3629 for additional information about the breach and guidance on protecting their personal information. Representatives are available Monday through Friday from 9 a.m. to 9 p.m. Eastern Time.


Types of information affected
  • Names
  • Social Security numbers
  • Dates of birth
  • Addresses
  • Government IDs
  • Medical information
  • Financial information
  • Affected information types not yet disclosed
