Digestive Disease Specialists Data Breach: RansomHub Steals 200 GB of Data

On January 26, 2025, Digestive Disease Specialists Inc. (DDSI), based in in Oklahoma City, discovered suspicious activity on its network. Action was taken to secure their systems, and a third-party forensic firm was brought in to investigate. The investigation revealed that an unauthorized party had accessed certain information on DDSI’s network between January 25 and January 26, 2025.

The breach was particularly severe due to its nature: the RansomHub ransomware group claimed responsibility, stating they had obtained 200 GB of DDSI’s data and threatened to publish it within a week. RansomHub posted sample screenshots on their dark web portal on February 20, 2025, confirming the breach and raising concerns about the sensitive nature of the exposed data.

The information exposed in this incident includes both personally identifiable information (PII) and protected health information (PHI) including names, addresses, dates of birth, medical record numbers, and medical treatment information.

DDSI has stated that, as of now, there is no evidence that the information has been fraudulently misused. However, because they cannot rule out the possibility of misuse, they have chosen to notify potentially affected individuals and provide guidance on how to protect themselves.

For more details, you can read the official Notice to Consumers.

Digestive Disease Specialists' response

DDSI has established a toll-free hotline at 1-833-998-8249 to answer questions and address concerns from affected individuals. The hotline operates Monday through Friday, 7 AM to 7 PM CT, excluding holidays. Additionally, DDSI encourages patients to monitor their account statements and explanation of benefits forms for any suspicious activity or errors.

Patients may also consider placing a fraud alert or credit freeze on their credit reports by contacting the three major credit agencies:

• TransUnion: 1-800-680-7289, TransUnion website
• Experian: 1-888-397-3742, Experian website
• Equifax: 1-888-298-0045, Equifax website

Given the nature of the attack and the involvement of a ransomware group, it is especially important for affected individuals to remain vigilant against potential identity theft and medical fraud. DDSI has not offered credit monitoring at this time, but monitoring your credit and medical records is highly recommended.

For more information about their services and patient resources, visit the Digestive Disease Specialists Inc. website.