
A ransomware attack on TriMed Inc., a surgical solutions company and subsidiary of healthcare giant Henry Schein, has raised serious concerns about the safety of personal and professional data held by medical device companies. The attack, carried out by a Russia-linked cybercriminal group known as Lynx, resulted in the exfiltration of a wide range of sensitive files. For individuals in California whose data may have been swept up in this breach, understanding your rights under state law is critical.
If you believe your information was compromised, contact the data breach lawyers at The Lyon Firm today for a free and confidential consultation.
In early October 2025, the Lynx ransomware group claimed responsibility for an attack on TriMed Inc. and listed the company on its dark web leak site. TriMed confirmed it had suffered a cybersecurity incident and took systems offline in an effort to contain the damage.
Cybersecurity researchers who analyzed the breach found that the attackers had exfiltrated a significant volume of sensitive material, including:
Security analysts noted that the range and depth of the stolen material suggested the attackers may have had extended access to TriMed's internal systems before the breach was detected. This type of prolonged unauthorized access can significantly expand the number of affected individuals and the severity of the harm caused.
Lynx is a ransomware-as-a-service (RaaS) operation with ties to Russia that first appeared on the threat landscape in mid-2024. Since then, the group has listed nearly 200 victims on its dark web site. Lynx is known to target organizations across multiple industries, including finance, architecture, manufacturing, energy, and retail.
The group's typical method involves infiltrating a target's systems, extracting data, and then threatening to publicly release that data if a ransom is not paid. When companies refuse or fail to negotiate, the stolen information is often dropped onto the dark web where it can be accessed and exploited by other bad actors. This creates an ongoing and often irreversible exposure risk for the individuals whose data was taken.
California has some of the strongest data breach notification laws in the country. Under California law, businesses that experience a breach involving the personal information of California residents are required to notify those individuals in a timely manner.
Companies must now notify affected California residents within 30 calendar days of discovering a breach, and must alert the California Attorney General within 15 days of sending those individual notices. This new standard replaces the previous, more flexible "without unreasonable delay" language and creates a concrete legal obligation for businesses handling Californians' data.
Not all breached data carries the same level of risk. In the TriMed attack, some of the categories of information confirmed or suspected to have been exfiltrated carry particularly serious consequences:
Cybersecurity researchers noted that the financial data visible in leaked email exchanges, including IBAN numbers and details of large monetary transfers, would be extremely valuable to criminal actors planning targeted fraud campaigns against executives and others connected to TriMed.
If you received a breach notification from TriMed, or have reason to believe your data may have been compromised, take these steps as soon as possible:
The Lyon Firm has built a national reputation representing individuals harmed by corporate negligence, including victims of data breaches involving healthcare and medical device companies. Attorney Joe Lyon has been recognized by Super Lawyers and the National Trial Lawyers Top 100, and has represented clients in over 40 multi-district litigations in both federal and state courts.
When a company like TriMed, which is part of a large corporate structure with significant resources, fails to protect the personal information entrusted to it, victims deserve an advocate with the experience and resources to take on that fight. The Lyon Firm offers free, confidential case evaluations and handles data breach cases on a contingency fee basis, meaning you pay no legal fees unless we recover compensation on your behalf.
Data breach litigation can be complex, and legal deadlines apply. California law limits the time you have to file a claim. If your information was exposed in the TriMed breach, do not wait.
Taking the first step doesn’t have to be complicated. In just a few minutes, you can share the basics of your case, and our team will guide you from there: