Skip to main content
Medical Record

Sanderling Healthcare Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach.

The data breach lawyers at The Lyon Firm are investigating an alleged data theft incident reported on websites that monitor dark web activity. Sanderling Healthcare, a healthcare provider specializing in dialysis and nephrology services, was allegedly targeted by the Sarcoma ransomware group, raising concerns about compromised medical data and its potential impact on patients and staff.

Contact our legal team to learn more and to discuss the next steps following any data breach incident. Taking legal action may be beneficial and filing a class action complaint can compensate all impacted individuals.

What Happened at Sanderling Healthcare?

A data breach reportedly occurred on or around July 3, 2025, when Sarcoma gained unauthorized access to Sanderling’s systems, allegedly exfiltrating approximately 587GB of data. This could include sensitive patient information, full backup archives, and internal company documents spanning decades. The stolen data allegedly encompasses personal health information (PHI) such as names, contact details, Social Security numbers, and medical records.

Sarcoma has listed Sanderling on its dark web leak site, threatening to release the data unless a ransom is paid, a common tactic in double extortion strategies. Sanderling Healthcare, based in Nashville, Tennessee, manages dialysis clinics and telemedicine for nephrology care. No official statement from Sanderling or law enforcement has confirmed the breach, and investigations are ongoing.

All impacted individuals should monitor their financial and health accounts for suspicious activity, and contact an experienced data privacy attorney to begin protecting themselves in the event of a data theft incident. Companies that fail to protect your data—through weak security, delayed responses, or ignoring known risks—may be negligent. Our legal team can force them to answer for these lapses. If a healthcare provider didn’t properly encrypt patient records or update systems against ransomware, legal action can push for accountability, potentially leading to better security practices industry-wide.