Cyber Incident Victim: Sunsetcardiology

On January 17, 2020, ransomware operators Maze Team executed an attack against Sunset Cardiology, a Florida-based medical practice. The attackers publicly disclosed their compromise by leaking stolen patient data shortly after the breach. The dumped files contained identifiable patient records, including demographic details, medical diagnoses, and clinical information, confirming the exposure of protected health information. Maze Team had previously listed Sunset Cardiology among medically targeted entities in communications with journalists, though the practice had not been publicly named prior to this incident. The group released a small sample of patient files initially, demonstrating the legitimacy of their claims through the inclusion of sensitive medical content. No public statement from Sunset Cardiology regarding containment efforts, forensic investigation timelines, or patient notification procedures was available in the immediate aftermath.

The Sunset Cardiology incident occurred amid a broader Maze Team campaign targeting healthcare-related organizations. Crossroads Technologies, another victim, experienced a ransomware attack in December 2019 that impacted at least one covered entity, Personal Touch Home Care of Greater Portsmouth, which reported the event to Vermont authorities on January 28, 2020. Maze Team published two data files linked to Crossroads—one containing approximately 6,300 records from downstate New York and another with 1,000 Michigan records—alongside a "Hospice" archive. Despite these disclosures, Crossroads Technologies had not issued a comprehensive breach notification or clarified the full scope of affected entities as of the reporting period. Maze Team’s leak site listed approximately 10 additional unreported victims at the time, indicating an ongoing operational tempo against medical sector targets.