Law Firm Launches Class Action Probe After Florida Physician Specialists Exposes SSNs, Medical Data in Late 2025 Hack

The multi‑specialty practice based in Jacksonville, Florida, detected unauthorized network activity in late November 2025. An internal investigation confirmed that a third party had accessed its systems, and a comprehensive data review was finished on April 6, 2026. The breach notice triggered a class‑action probe by a national law firm offering free case evaluations.

- Discovery window: November 27‑29, 2025. - Investigation completion: April 6, 2026. - Exposed data: full names plus one or more of Social Security numbers, driver’s license or state ID numbers, other government IDs, financial account details, credit/debit card information, medical records, and health insurance policy information. - Attack vector and specific vulnerability have not been publicly disclosed; the incident is under ongoing forensic analysis. - No threat‑actor attribution has been released by the provider or law enforcement at this time.

The exposed personal identifiers increase the risk of identity theft, fraudulent account opening, and medical‑identity misuse for anyone whose data was taken. Class‑action litigation could result in settlements or judgments that compensate victims and incentivize stronger safeguards at healthcare providers. Regulatory scrutiny under HIPAA and state data‑breach laws may follow, potentially leading to fines or mandated corrective action plans.

Healthcare organizations should: - Apply the latest patches for known vulnerabilities (e.g., those listed in CVE‑2024‑XXXX) and prioritize fixes for remote‑access services. - Enforce multifactor authentication on all privileged accounts and monitor for anomalous login attempts (MITRE ATT&CK T1078). - Deploy network segmentation to limit lateral movement and enable detection of exfiltration via DNS or HTTP (MITRE ATT&CK T1041). - Review and update incident‑response plans, ensuring timely notification within the 60‑day window required by HIPAA. - Conduct regular phishing simulations and employee training to reduce credential‑theft risk.