Center for Digestive Health Data Breach Affects Over 100K People

In a recent data breach, Gastroenterology Associates of Central Florida, P.A., doing business as Center for Digestive Health, experienced an unauthorized access incident that affected over one-hundred thousand people. On April 11, 2024, the Clinic detected suspicious activity within its IT network environment. Following this discovery, a specialized cybersecurity firm was engaged to investigate the nature and scope of the incident. The investigation revealed that an unauthorized actor had accessed and acquired certain files and data stored within the network.

The breach impacted approximately 122,437 individuals across the United States. In the state of Maine, 13 individuals were affected, while in Massachusetts, 3 individuals were impacted. The compromised data includes sensitive personal information like names, social security numbers, dates of birth, and medical info.

The breach was disclosed to the Massachusetts Attorney General's office on May 29, 2024. You can find more information on the Massachusetts Attorney General's website. The breach was also disclosed to the Maine Attorney General's office on March 9, 2025. Details are available on the Maine Attorney General's website.

Center for Digestive Health's Response

In response to the breach, the Clinic took immediate steps to secure their network environment. They engaged a leading forensic investigation firm to assist in confirming the security of their systems. Additional monitoring tools were deployed, and the Clinic continues to enhance the security of their systems to prevent future incidents.

To support those affected by the breach, the Clinic is offering complimentary Single Bureau Credit Monitoring, Single Bureau Credit Report, and Single Bureau Credit Score services. These services will provide alerts for any changes to credit files for up to 24 months from the date of enrollment. Affected individuals can enroll by visiting or by calling IDX at 1-877-872-0668. The deadline to enroll in these services is May 25, 2025.

Given the nature of the breach, it is crucial for affected individuals to remain vigilant against identity theft and fraud. Regularly reviewing account statements and monitoring credit reports for suspicious activity is recommended. Additionally, placing a fraud alert or security freeze on credit reports can provide an extra layer of protection.