Nephrology Associates Data Breach Exposes Social Security Numbers

Nephrology Associates Medical Group, a practice serving Riverside and San Bernardino counties in California, recently experienced a data security incident that may have affected the protected health information of certain patients.

The incident was first detected on May 20, 2025, when the company identified suspicious activity within its network. Immediate steps were taken to secure their systems and launch an investigation with the support of cybersecurity experts.

Through this investigation, it was determined that an unknown actor had gained unauthorized access to the company’s network and acquired files containing sensitive information. On Dec. 2, 2025, Nephrology Associates Medical Group confirmed that some of these files included protected health information belonging to patients.

The types of information potentially exposed in this breach vary by individual but may include name, Social Security number, date of birth, medical or health information, health care treatment or diagnostic information, health insurance information, billing or payment information, and credentialing information.

Nephrology Associates' response

To assist those who may have been affected, the company has established a toll-free call center at 844-443-1521, available Monday through Friday from 6:30 a.m. to 3:30 p.m. PT. Patients can call this number to ask questions about the incident and discuss any concerns they may have.

Given the nature of the information involved, individuals are encouraged to:

• Monitor their credit reports and financial accounts for any unusual activity
• Consider placing a fraud alert or security freeze with credit bureaus
• Review statements from health care providers and insurers for unfamiliar charges or services
• Stay alert for suspicious communications that may reference their medical or personal information