Apex Spine and Neurosurgery Reports Ransomware Attack, Data Breach

Apex Spine and Neurosurgery, a medical practice based in Georgia, reports a ransomware attack affecting 2,500 individuals. 

The practice discovered the incident on December 23, 2025, when staff found a virus locking files across the corporate network. The Interlock ransomware group claimed responsibility for the breach and added the organization to its leak site.

Forensic investigations confirmed that the threat actor first gained access to the network on December 9, 2025. The attackers remained undetected for two weeks, during which they stole approximately 20 GB of data before deploying the encryption payload. 

The practice claims that the electronic health record (EHR) system remained secure because it is maintained in a logically separate computer environment.

The compromised data includes:

• Full names, home addresses, and phone numbers
• Social Security numbers and dates of birth
• Driver’s license and passport numbers
• Health insurance subscriber and identification numbers
• Treatment information, diagnoses, and prescription history
• Financial account numbers without security codes

The Interlock group leaked the stolen data after the practice reportedly refused to pay the ransom demand.

Apex Spine and Neurosurgery notified federal authorities and began sending individual notification letters on February 5, 2026. It's not clear if free credit monitoring or identity protection is offered.

Affected individuals should monitor their insurance explanation of benefits (EOB) statements for any medical services they did not receive to detect potential medical identity theft.