Data security incident at gastroenterology consultants of South Texas affects thousands

Gastroenterology Consultants of South Texas said it suffered a significant data security incident earlier this year that compromised the sensitive personal and health information of more than 40,000 individuals.

 

Founded in 2007, Texas Digestive Specialists (initially Gastroenterology Consultants of South Texas) is a digestive health practice that specialises in gastroenterology, colorectal and foregut surgery.

 

In a data security incident notice published on its website, GCST said that earlier this year it detected suspicious activity within its internal network. The healthcare provider immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected network, contained the incident and notified relevant law enforcement authorities about the same.

 

“The investigation indicated that some personal information may have been accessed by an unauthorised party in late May 2025,” GCST said.

 

While the details of the compromised data wasn’t included in the security incident notice, GCST said names and other personal identifiers, including protected health information, were accessed during the incident.

 

In a filing with the Office of Attorney General of Texas, GCST said it has identified at least 41,521 Texans impacted by the incident.

 

GCST found no evidence of the compromised information being misused, however, it has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general.

 

It has also offered complimentary identity protection and credit monitoring services through TransUnion to all affected individuals.

 

 

The Interlock ransomware group claimed responsibility for the cyber attack on GCST and listed it as a victim on its data leak site. The group claimed to be in possession of over 260GB of confidential organisational data, including HR data, PII records, PHI records, and more.

 

GCST has neither confirmed the group’s claims nor disclosed whether a ransom was paid.