Sunflower Medical Breach Affects 220,968 Patients

Sunflower Medical Group, P.A. recently disclosed a significant data breach impacting approximately 220,968 individuals across the United States. The breach was discovered by the company on January 07, 2025, although the exact date or dates when the breach occurred have not yet been disclosed.

According to the company's official notice posted on their data security incident page, unauthorized access to the company's systems resulted in the exposure of sensitive personal and medical information.

Information Exposed:

• Names
• Addresses
• Dates of birth
• Social Security numbers
• Driver’s license numbers
• Medical records and medical information
• Health insurance information

The breach has been reported to multiple state authorities, including the Attorney General's offices in California, Maine, Massachusetts, Texas, and Vermont. According to the notices filed, the number of individuals affected in specific states includes 1,455 in Texas, 36 in Maine, and 52 in Massachusetts.

Sunflower Medical Group, P.A. has not yet publicly disclosed details on how the unauthorized access occurred or who was responsible for the breach. The investigation is ongoing, and the company is working with cybersecurity experts to determine the full scope and impact of the incident.

Sunflower Medical Group, P.A.'s response

In response to the data breach, Sunflower Medical Group, P.A. began notifying affected individuals by written notice via U.S. Mail starting March 07, 2025. The company has also reported the breach to several state regulatory authorities, including:

Sunflower Medical Group recommends that affected individuals remain vigilant by monitoring their financial accounts, credit reports, and medical statements for any suspicious activity. If you suspect fraud or identity theft, you should contact your financial institution and report the incident immediately.

Affected individuals may also consider placing a fraud alert or credit freeze on their credit files with the major credit reporting agencies (Equifax, Experian, and TransUnion). This can help prevent unauthorized access to your credit information.

About Sunflower Medical Group, P.A.

Sunflower Medical Group, P.A. is a private multi-specialty medical group serving the Kansas City area, with locations in Johnson County and Wyandotte County, Kansas. The company provides comprehensive healthcare services, including primary care, family medicine, internal medicine, pediatrics, obstetrics and gynecology, urgent care, and behavioral health/counseling.

The medical group operates four main locations in Roeland Park, Lenexa West (Prairie Star), Kansas City, KS, and Lenexa East. Sunflower Medical Group emphasizes patient-centered care, preventive medicine, and coordinated healthcare services. They utilize electronic health records and offer telehealth services and a patient portal for online access to medical information and provider communication.

Sources

• California Attorney General's Office
• Maine Attorney General's Office
• Massachusetts Attorney General's Office
• Texas Attorney General's Office
• Vermont Attorney General's Office
• HHS
• Notice of Data Security Incident