In recent months, two major cyberattacks have impacted ophthalmology practices in South Dakota and Florida, compromising the data of over 260,000 individuals. These incidents highlight a troubling trend of data breaches within eye care specialty providers. The affected practices, Black Hills Regional Eye Institute (BHREI) and Retina Group of Florida, have reported significant breaches involving the unauthorized access and potential theft of sensitive patient information. These events underscore the growing threat of cyberattacks on medical specialty practices, which often have limited resources for robust cybersecurity measures.
Black Hills Regional Eye Institute, located in Rapid City, South Dakota, reported a breach affecting approximately 107,000 patients and employees. The institute detected suspicious network activity on January 8 and promptly took steps to mitigate the threat, including taking certain IT systems offline. A detailed forensic investigation revealed that unauthorized access to its data began as early as January 4. The compromised information included names, Social Security numbers, medical records, and even credit card details. Despite the severity of the breach, BHREI has stated that there is no evidence indicating misuse of the stolen data for identity theft.
Meanwhile, Retina Group of Florida, with numerous offices across the state, has reported a breach affecting nearly 153,000 patients. The group informed the U.S. Department of Health and Human Services about the incident on September 3 but has yet to disclose specific details publicly. The lack of a formal breach notice and further communication has prompted several law firms to explore potential class-action litigation against the organization. These incidents are part of a series of health data breaches reported in 2025, significantly affecting eye care providers and highlighting the vulnerabilities in their cybersecurity infrastructure.
The challenges faced by these practices are not unique. Small healthcare facilities, including those specializing in specific medical fields like ophthalmology, often struggle with constrained IT budgets and limited cybersecurity expertise. Errol Weiss, the chief security officer at the Health Information Sharing and Analysis Center, points out that such limitations make these practices attractive targets for opportunistic cybercriminals. This raises concerns about the broader implications for patient data security across similar medical specialties.
In addition to these recent breaches, Asheville Eye Associates in North Carolina reported a significant data breach earlier in the year, affecting nearly 205,000 individuals. The investigation into that incident revealed unauthorized access to personal and medical treatment information. These cases collectively emphasize the urgent need for enhanced cybersecurity measures and support for smaller medical practices, which remain vulnerable to increasingly sophisticated cyber threats.
