Mid Florida Primary Care Data Breach Lawsuit Investigation
Were you treated at Mid Florida Primary Care and just received a frightening breach notice? Act quickly—your Social Security number, medical data, and even financial records may already be circulating on the dark web. Find out how to protect yourself and whether you can seek compensation below.
What Happened?
Mid Florida Primary Care, an internal medicine practice serving Leesburg and Summerfield, Florida, confirmed a ransomware attack by the BianLian gang. Key dates you need to know:
- Nov. 29–Dec. 11, 2024: Hackers quietly accessed and copied data from the practice’s servers.
- Dec. 14, 2024: BianLian publicly claimed the breach on the dark web, threatening to leak stolen files.
- Jan. 23, 2025: The practice detected suspicious activity and contained the intrusion.
- June 19, 2025: A full review of affected records was completed.
- July 29, 2025: Official breach notices were filed with the Vermont and Massachusetts Attorneys General.
What Information Was Exposed?
The investigation determined that both personally identifiable information (PII) and protected health information (PHI) were compromised, including:
- Full names and addresses
- Social Security numbers
- Dates of birth & government-issued ID details
- Medical records and treatment information
- Financial and billing data
- Human resources files and internal email correspondence
Mid Florida Primary Care’s Response
The practice is offering 12–24 months of complimentary identity-monitoring via Privacy Solutions, which includes:
- Equifax credit monitoring & tri-bureau credit scores
- Identity theft insurance
- Fraud resolution and ID restoration services
- Dark-web surveillance
A unique activation code was provided in each mailed notice. If you lost your letter, contact the dedicated hotline at 877-580-5596 (Mon–Fri, 9 a.m.–6 p.m. ET).
Your Legal Rights & Next Steps
If you received a notification letter, you may be eligible to join a lawsuit seeking monetary damages and stronger data-security commitments from Mid Florida Primary Care. Here’s how to protect yourself right now:
- Enroll in the free credit-monitoring service as soon as possible.
- Place a fraud alert or credit freeze with Equifax, Experian, and TransUnion.
- Review all bank, credit-card, and medical statements for unfamiliar charges.
- Report suspected identity theft to the FTC and local law enforcement.
- Document any time spent or costs incurred—this can support future compensation claims.
Why Filing a Claim Matters
Data-breach litigation not only compensates victims for out-of-pocket losses and lost time, it pressures companies to bolster cybersecurity. By taking action, you help deter future attacks across the healthcare industry.
Timeline of Key Events
| Date | Event |
|---|---|
| Nov 29–Dec 11 2024 | Unauthorized access & data exfiltration |
| Dec 14 2024 | BianLian claims responsibility on dark web |
| Jan 23 2025 | Breach detected by Mid Florida Primary Care |
| Jun 19 2025 | Investigation into compromised files completed |
| Jul 29 2025 | Notices filed with state Attorneys General |
Frequently Asked Questions About the Mid Florida Primary Care Data Breach
How do I know if my data was involved?
Mid Florida Primary Care mailed letters to all individuals whose information appeared in the compromised files. If you received a letter—or were a patient between 2002 and December 2024—assume your data may be at risk and take precautionary steps.
What does the free identity-monitoring include?
The package provides continuous credit monitoring, identity theft insurance, access to your credit report, and professional assistance should fraud occur.
Can I sue Mid Florida Primary Care over this breach?
Possibly. Patients whose sensitive data was exposed may have legal claims for negligence, breach of contract, and violations of state data-protection laws. Joining a class action can help recover damages and push for stronger security measures.
Will placing a credit freeze hurt my credit score?
No. A freeze restricts new credit inquiries but does not affect your existing credit accounts or score. You can temporarily lift it whenever you need to apply for credit.
How long should I monitor my accounts?
Cyber-criminals often wait months—or even years—before using stolen data. Experts recommend monitoring your financial and medical statements indefinitely, with heightened vigilance during the first 24 months after a breach.