Ransomware victim disclosure
← All victimsGreater Pittsburgh Orthopaedic Associates (GPOA)
listed as Pittsburgh’s Trusted Orthopaedic Surgeons · Claimed by Donutleaks · listed 2 years ago
Status timeline
- ListedMay 17, 2024
- Data leakeddate unknown
At a glance
- Group
- Donutleaks
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- May 17, 2024
About the victim
AI dossier — public-source company profileGreater Pittsburgh Orthopaedic Associates (GPOA) is an orthopaedic surgery practice operating in the Pittsburgh, Pennsylvania area with seven offices across the Greater Pittsburgh region (Brackenridge, Cranberry Township, Moon Township, Sewickley, Shadyside, South Side, and others). They provide board-certified orthopaedic surgical care specializing in areas including joint replacement, spine surgery, sports medicine, and hand/upper extremity surgery.
- Industry
- Healthcare - Orthopaedic Surgery
Attack summary
Severity: high — Healthcare provider with multiple office locations; breach likely involves PHI (patient medical records, contact information) from orthopaedic patient population. No proof files publicly shown in available post excerpt, but sector sensitivity and breach confirmation warrant high severity.Donutleaks claims to have compromised Pittsburgh's Trusted Orthopaedic Surgeons (GPOA) and states the organization failed to protect client data. The post indicates data exfiltration occurred but provides no specific details on what data was taken or the scope of the breach.
Data the group says was taken
AI dossier — extracted from the leak post- Patient records
- Protected health information (PHI)
What the group claims
Hello everyone! We got some not very smart people who was compromise and do not want to protect their clients data. Today here medical company from Pittsburgh(USA):"Pittsburgh’s Trusted Orthopaedic Surgeons" [must be not so trusted as you thought, but okay] Web site: https://www.gpoa.com/ "Pittsburgh’…
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

