Ransomware victim disclosure
← All victimsThe Eye Associates (formerly Quigley Eye Specialists)
listed as quigleyeye.com\$33.6M\USA\435GB\<1% DISCLOSED · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedMar 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States of America
- Sector
- Healthcare
- Listed on leak site
- Mar 3, 2025
About the victim
AI dossier — public-source company profileQuigley Eye Specialists, now operating as The Eye Associates following a merger with Eye Centers of Florida, is a multi-location eye care provider in Southwest Florida. The practice operates 14 convenient locations across the region, offering comprehensive ophthalmology and optometry services including cataract surgery, LASIK, and routine eye care.
- Industry
- Ophthalmology & Optometry
- Address
- 44 Barkley Circle, Fort Myers, FL 33907
- Employees
- 51-200
Attack summary
Severity: critical — Healthcare provider with confirmed exfiltration of patient medical records and personal data at scale (435GB). Medical data combined with PII represents regulated sensitive information under HIPAA and other healthcare privacy laws.Cactus ransomware group claims to have encrypted and exfiltrated data from Quigley Eye Specialists. The group indicates approximately 435GB of data was stolen, with less than 1% publicly disclosed as proof.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Insurance information
- Personal identifiable information (PII)
- Billing records
- Appointment histories
Sources
- Victim sitequigleyeye.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

