Florida eye care provider Retina Group reports cyberattack exposing data of over 152,000 patients
Learn More
The Retina Group of Florida, an ophthalmology practice operating 23 retina clinics across Florida, is reporting a data breach that compromised the sensitive personal and protected health information of 152,691 patients.
The practice detected suspicious activity on its network on November 9, 2024, and following an investigation, it was determined that there was unauthorized access to its network starting November 6, 2024. Despite discovering the breach in November 2024, notifications to affected patients began in September 2025, nearly a year after the cyberattack.
The compromised data potentially includes:
- Names and contact information
- Physical addresses
- Dates of birth
- Social Security numbers
- Driver's license copies and state identification numbers
- Health insurance information
- Medical records and treatment information
- Payment information and financial data
The nature of the attack. It's not clear why the notification is delayed for nearly a year.
The extended timeframe between breach discovery and patient notification has prompted multiple class-action law firms to launch investigations into the incident and the organization's data security practices.
