Southern Illinois Dermatology Data Breach Exposes Sensitive Patient Information

Severity: Medium (Score: 51.9)

Sources: Claimdepot, Classaction

Summary

Southern Illinois Dermatology reported a data breach on April 2, 2026, affecting personal and medical information of patients. The breach was identified on November 28, 2025, when unusual network activity was detected. A third-party cybersecurity firm was engaged to investigate the incident. The threat actor known as Insomnia claimed responsibility for the breach on February 7, 2026, alleging that sensitive data had been leaked on the dark web. Exposed information includes names, addresses, dates of birth, Social Security numbers, and medical record numbers. The company notified affected individuals and provided guidance on protecting their information. Eight residents from Massachusetts were specifically identified as affected. A dedicated response line was established for inquiries related to the breach. Key Points: • Southern Illinois Dermatology experienced a data breach exposing sensitive patient information. • The breach was linked to a threat actor named Insomnia who claimed responsibility on the dark web. • Affected individuals received notification letters with guidance on protecting their personal information.

Key Entities

• Insomnia (apt_group)
• Data Breach (attack_type)
• Southern Illinois Dermatology (company)
• classaction.org (domain)