Pacific HealthWorks Data Breach: What Patients and Employees Need to Know Featured
Over 1.4 million patients impacted in Pacific HealthWorks ransomware attack
Pacific HealthWorks (PHW), a major healthcare management services provider based in Southern California, has suffered a devastating ransomware attack that compromised the private data of more than 1.4 million patients and employees. The incident underscores the vulnerability of healthcare organizations to cybercrime and leaves those affected facing serious risks. If your information was involved, it is critical to understand what happened, what data was stolen, and what legal options you may have—including joining a class action lawsuit.
What Happened?
In July and August 2025, the Everest ransomware group claimed responsibility for attacking both Pacific HealthWorks and its sister company, La Perouse. Hackers infiltrated PHW’s systems and leaked hundreds of sensitive data samples on dark web forums as proof of the breach.
Everest posted warnings that billing data and personal records from over 50 affiliated medical groups would be published if the company did not comply with ransom demands. As of now, thousands of individuals have already viewed the stolen information online.
What Information Was Stolen?
The compromised files contained some of the most sensitive categories of personal and medical data, including:
- Names, addresses, phone numbers, and email addresses
- Dates of birth, gender, race, and marital status
- Social Security numbers and government-issued IDs
- Medical and billing records with diagnosis codes
- Health insurance details and insurance ID numbers
- Bank and financial account information
- Employment and patient files from affiliated medical groups
The breadth of this exposure means affected individuals could face identity theft, financial fraud, and misuse of medical data.
Who Is Affected?
Pacific HealthWorks provides management services for over 1,200 hospital-based physician groups and clinics across the United States. These groups include specialties such as emergency medicine, intensive care, anesthesia, psychiatry, and medical scribes supporting electronic health records.
Affiliated organizations impacted include:
- Emergent Medical Associates – a provider of emergency and episodic care
- Benchmark Hospitalists & Intensivists – hospital-based intensive care specialists
- AnesthesiaWorks – anesthesia services for hospitals and surgery centers
Together, PHW and its partners serve over 1.4 million patients annually, meaning the potential scale of this breach is vast.
What Should You Do Now?
If you are a patient, employee, or partner of PHW or its affiliates, experts recommend you:
- Monitor bank, credit card, and insurance accounts closely.
- Request free credit reports and look for suspicious activity.
- Change passwords for any accounts tied to the exposed email addresses.
- Be alert for phishing emails, scam calls, or fraudulent applications.
- Consider placing a fraud alert or credit freeze with the major credit bureaus.
Because official notifications have been delayed, it is possible that some victims are still unaware their data has been exposed.
Know Your Legal Rights – Join the Class Action
Victims of the Pacific HealthWorks data breach may have legal recourse. Those affected could be entitled to compensation for loss of privacy, time and costs spent addressing the breach, and emotional distress. A class action lawsuit may also push PHW and its affiliates to implement stronger cybersecurity protections to safeguard patient data in the future.
If you believe your information was compromised, it is important to know your rights. Participation in a class action provides a pathway to accountability and justice for patients and employees whose most private information was put at risk.