Naper Grove Vision Care Falls Victim to Interlock Ransomware Attack
Naper Grove Vision Care in Naperville, Illinois, has recently announced a cybersecurity incident that was detected on May 24, 2025. Independent cybersecurity experts were engaged to investigate unusual network activity and confirmed that an unauthorized third party accessed its network and exfiltrated files containing patient information.
The file review revealed the stolen files contained names, addresses, birth dates, driver’s license numbers, patient numbers, health insurance information, explanation of benefits documents, and medical condition and treatment information. A limited number of patients also had their Social Security numbers stolen.
Naper Grove Vision Care has advised the affected patients to monitor their account statements and credit reports closely and report any suspicious activity to law enforcement. There is no mention of complimentary credit monitoring services in the substitute data breach notice. The data breach has been reported to the HHS’ Office for Civil Rights using an interim figure of 501 affected individuals.
While ransomware was not mentioned in the notice, a ransomware group has claimed responsibility for the attack. The Interlock ransomware group has added Naper Grove Vision Care to its data leak site and claims to have stolen 214 GB of data in the attack across 32,971 folders and 656,891 files. The full data has been leaked, indicating the ransom was not paid.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Florida Lung, Asthma & Sleep Specialists Cyberattack Affects Up to 10,000 Patients
Florida Lung, Asthma & Sleep Specialists (FLASS), which has offices in Orlando, Kissimmee, Winter Garden, and Poinciana, has notified 10,000 patients about a recent data breach. Unauthorized network activity was identified on May 11, 2025, and the forensic investigation indicated that the medical records of certain patients may have been accessed.
Data potentially compromised in the incident includes patient names, birth dates, contact information, and limited medical and billing information. The investigation is ongoing, and notification letters will soon be mailed to the affected individuals. FLASS has not uncovered any evidence to suggest that any of the exposed information has been misused; however, the affected individuals have been advised to remain vigilant and monitor their medical accounts and statements for unusual activity. The affected systems have been secured, and cybersecurity experts have been engaged to review security measures and recommend areas for improvement.
