A Houston-based pediatric healthcare firm has confirmed a data breach that exposed the personal and medical information of over 62,000 patients. Blue Fish Pediatrics reported the incident to the U.S. Department of Health and Human Services, stating that 62,150 individuals were affected.
Unauthorized access and stolen data
The breach occurred on or about July 17, 2025, when an unauthorized party gained access to Blue Fish Pediatrics' computer systems and stole files. The compromised data may include full names, dates of birth, Social Security numbers, driver's license or state ID numbers, medical record numbers, diagnoses, lab results, and healthcare claims. The firm said it immediately contained the incident and launched an investigation with the help of leading cybersecurity experts.
Response and recommendations
Blue Fish Pediatrics has notified affected individuals and urged them to place fraud alerts or security freezes on their credit files. The company also recommends obtaining free credit reports from Equifax, Experian, and TransUnion. So far, no evidence of identity theft or financial fraud has been found, but the firm is evaluating and modifying its security practices to prevent future incidents.