Bayside Dental Data Breach Exposes Personal and Health Information

Bayside Dental, a dental practice located at 3001 Commercial Ave. in Anacortes, Washington, disclosed a cybersecurity incident that may have exposed sensitive patient information, including Social Security numbers and medical records.

The breach was reported to the Massachusetts Office of Consumer Affairs and Business Regulation and to the New Hampshire Attorney General.

On or about Jan. 5, 2026, Bayside Dental detected unauthorized access to its network.

A ransomware group known as Sinobi claimed responsibility for the attack in a posting on the Tor dark web network on Jan. 21, 2026. The group stated it had obtained 580 gigabytes of Bayside Dental's data, including customer information, contracts and incident records, and threatened to publish the data within 10 to 11 days.

After detecting the unauthorized access, Bayside Dental launched an investigation with the help of external cybersecurity professionals. The investigation found that some of the practice's files may have been accessed or removed by an unauthorized individual on Jan. 5, 2026.

On March 13, 2026, the company determined that the affected files may have contained patients' personal health information.

The types of personally identifiable information potentially exposed included full names, dates of birth, Social Security numbers, patient numbers and dates of service. The protected health information potentially exposed included health insurance information, health insurance plan beneficiaries, medical treatment information, medical diagnostic information and prescription information.

Bayside Dental's response to the breach

Affected individuals whose Social Security numbers were impacted are being provided with 12 months of Single Bureau Credit Monitoring, Single Bureau Credit Report and Single Bureau Credit Score services at no charge. These services are provided by Cyberscout, a TransUnion company specializing in fraud assistance and remediation services.

Affected individuals can enroll by visiting the Cyberscout activation page and entering the unique code included in their notification letter. Enrollment must be completed within 90 days of the date of the letter.

The company is also providing proactive fraud assistance through Cyberscout to help with questions or in the event that someone becomes a victim of fraud. A dedicated and confidential call center is available from 8 a.m. to 8 p.m. Eastern time, Monday through Friday, excluding holidays.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze. Contact any one of the three major credit bureaus (Equifax at 1-888-378-4329, Experian at 1-888-397-3742 or TransUnion at 1-800-680-7289) to place a fraud alert, or contact all three to request a security freeze.
• Request free credit reports. Visit AnnualCreditReport.com or call 1-877-322-8228 to obtain free annual reports from all three bureaus and review them for unfamiliar accounts or unauthorized inquiries.
• Review Explanation of Benefits statements. Check statements from health insurance providers carefully for any services or charges not received, and report errors or suspicious activity to the insurance company or health care provider.
• Protect documents containing medical information. Only share health insurance cards with health care providers and covered family members, and request copies of medical records to check for unauthorized entries.
• Watch for phishing attempts. Be cautious of emails, calls or messages that reference Bayside Dental or this breach by name, as scammers may use the incident to trick people into sharing additional personal information.
• Report suspected identity theft to the FTC. If there are signs of fraud, file a complaint with the Federal Trade Commission at ftc.gov/idtheft or by calling 1-877-438-4338, and file a report with local law enforcement.