Ransomware Group: RHYSIDA

VICTIM NAME: Florida Lung

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the RHYSIDA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Florida Lung, a healthcare provider specializing in pulmonary diseases, asthma, sleep disorders, and critical illnesses, based in the United States. The attack on this healthcare facility was detected on May 20, 2025. Details about the specific nature of the data compromised are not publicly disclosed, but given the industry, it is likely that sensitive medical information may have been involved. The page includes a screenshot section, which could potentially contain images or internal documents relevant to the breach. Additionally, the site indicates the presence of downloadable data leaks, suggesting that some patient or operational data might be accessible among the compromised files. The incident highlights security challenges faced by healthcare organizations in protecting confidential patient information from cyber threats. No personally identifiable details or explicit data points are provided in the publicly accessible leak page, ensuring compliance with privacy standards. The leak’s discovery and publication are recent, emphasizing the ongoing threat landscape and the importance of robust cybersecurity measures for healthcare providers. As the attack date is recent, further details about the extent of data exposure are awaited. The leak page is associated with the ransomware group ‘rhysida,’ which is known for targeting organizations in various sectors. The presence of screenshots hints at potentially sensitive internal documentation or communications that may have been leaked. Overall, this incident underlines the critical need for healthcare entities to enhance their cybersecurity protocols to safeguard patient information and maintain trust.**