.png)
32 Pearls Data Breach Affects 23,550, Exposing Social Security Numbers
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info
On May 22, 2025, 32 Pearls, a dental care provider based in Washington state, discovered a data breach involving unauthorized access to its systems. According to the official disclosure filed with the Washington Attorney General’s office, the breach occurred between May 19 and May 22, 2025, when a malicious actor gained access to and encrypted certain files using ransomware.
The investigation, supported by third-party cybersecurity experts, determined that the unauthorized party may have viewed or accessed sensitive files during this period.
The breach affected 23,550 Washington residents and potentially exposed a wide range of personally identifiable information (PII) and protected health information (PHI) including full names, addresses, Social Security numbers, driver’s licenses or Washington ID card numbers, full dates of birth, health insurance policy or ID numbers, and medical information.
The breach was formally disclosed to the Washington Attorney General’s office on June 21, 2025. For those seeking further details, the full breach notification is available through the Washington Attorney General’s data breach portal. Subsequent disclosure was made to the Oregon Attorney General and Department of Health & Human Services.
32 Pearls's response
For affected individuals, 32 Pearls is offering 12 months of complimentary identity theft protection services through IDX, a ZeroFox company specializing in data breach and recovery services. This service includes credit and CyberScan monitoring, a $1 million insurance reimbursement policy, and fully managed identity theft recovery services. Affected patients received notification letters with unique enrollment codes and instructions on how to activate these protections. The deadline to enroll in these services is Oct. 18, 2025.
Given the sensitive nature of the information involved, affected individuals are encouraged to:
- Enroll in the free credit and identity monitoring service provided by IDX
- Review credit reports regularly for any suspicious activity
- Consider placing a fraud alert or security freeze with major credit bureaus
- Remain vigilant for signs of identity theft or fraud
Additional resources and detailed guidance are included in the official notice to consumers, which is available as a PDF at the bottom of this article’s page.
More information about the company, its services, and locations can be found on the 32 Pearls website.
Protect Your Data
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)