PIH Health Discloses Data Breach Exposing SSNs, Health Information, and More

PIH Health experienced a major data breach that affected its digital environment between Nov. 14, 2024, and Dec. 2, 2024. The incident first came to light on Dec. 1, 2024, when the company discovered unusual activity within a portion of its network.

On Dec. 13, 2024, a threat actor known as Dreamer2000 claimed responsibility for the data leak and posted about it on an open web forum, indicating that the breach was the result of a targeted data leak attack. Steps were taken to secure the network, and a thorough investigation was launched with the support of third-party cybersecurity specialists.

The investigation revealed that an unauthorized actor accessed certain files containing personal information. By Dec. 16, 2025, PIH Health confirmed that personal information was present in the compromised files.

The breach exposed both PII and PHI including names, Social Security numbers, driver’s license numbers, financial account information, credit/ debit card numbers, medical information, and health insurance information.

The process of identifying affected individuals and gathering contact information was completed by Feb. 25, 2026.

The breach was publicly disclosed to the California Attorney General and the Texas Attorney General. The company also posted a notice of the incident on its website.

The incident affected individuals across multiple states, including 8,434 Texas residents and 174 Rhode Island residents.

PIH Health's response

To help protect those impacted, PIH Health is offering complimentary identity protection services through Experian IdentityWorks.

Affected individuals are eligible for a free membership for a specified period, which includes credit monitoring, identity restoration support, and up to $1 million in identity theft insurance. Enrollment instructions and activation codes were provided in the notification letters sent to individuals whose information was exposed.

Steps such as placing a fraud alert or security freeze on credit files, as well as obtaining an IRS Identity Protection PIN, are recommended for additional protection.

Individuals with questions or concerns can contact Experian’s customer care team for support and guidance on identity restoration and credit monitoring.