Ransomware victim disclosure
← All victimsThe Eye Associates (formerly Quigley Eye Specialists)
listed as quigleyeye.com\$33.6M\USA\3.4TB\100% DISCLOSED · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedMar 11, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Mar 11, 2025
About the victim
AI dossier — public-source company profileQuigley Eye Specialists, now operating as The Eye Associates following a merger with Eye Centers of Florida, is an ophthalmology and optometry practice serving Southwest Florida. The organization operates 14 convenient locations across the region, providing comprehensive eye care services including cataract surgery, LASIK, and treatment for various eye conditions.
- Industry
- Healthcare - Ophthalmology & Optometry
- Address
- 44 Barkley Circle, Fort Myers, FL 33907
- Employees
- 51-200
Attack summary
Severity: critical — Confirmed exfiltration of healthcare data at scale (3.4TB) including patient medical records and PII from a multi-location medical practice. Healthcare data is regulated under HIPAA and represents highly sensitive personally identifiable and protected health information.Cactus ransomware group claims to have encrypted systems and exfiltrated 3.4TB of data from Quigley Eye Specialists. The group reports 100% disclosure of the stolen dataset.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Personal identifiable information (PII)
- Insurance information
- Financial/billing records
Sources
- Victim sitequigleyeye.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

