Bayside Dental Hit by Ransomware Attack, Exposing Sensitive Patient Data
Bayside Dental, a Washington-based dental practice in Anacortes, suffered a ransomware attack on January 5, 2026, when unauthorized access to its network was detected. The company secured its systems and launched an investigation with external cybersecurity experts, later confirming that files containing personal health information (PHI) may have been accessed or exfiltrated.
By March 13, 2026, Bayside Dental determined that the breach exposed a range of sensitive data, including medical records, Social Security numbers, dates of birth, health insurance details, and prescription information. The ransomware group Sinobi claimed responsibility for the attack on January 21, 2026, via a Tor network post, asserting they had stolen 580 GB of data and threatened to publish it on the dark web.
The incident has prompted legal action, with Shamis & Gentile P.A., a class action law firm, investigating potential compensation claims for affected individuals. Those who received a breach notification or suspect their data was compromised may be eligible to join a lawsuit. The exposed information spans patient names, treatment records, insurance details, and other personally identifiable information (PII), heightening risks of identity theft and fraud.
Source: https://www.claimdepot.com/investigations/bayside-dental-data-breach-2026
Bayside Dental cybersecurity rating report: https://www.rankiteo.com/company/bayside-dental
"id": "BAY1776810742",
"linkid": "bayside-dental",
"type": "Ransomware",
"date": "1/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Anacortes, Washington, USA',
'name': 'Bayside Dental',
'type': 'Dental Practice'}],
'customer_advisories': 'Breach notifications sent to affected individuals',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': ['Names',
'Social Security '
'numbers',
'Dates of birth',
'Health insurance '
'details',
'Prescription '
'information',
'Medical records'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Health Information '
'(PHI)',
'Personally Identifiable '
'Information (PII)']},
'date_detected': '2026-01-05',
'date_publicly_disclosed': '2026-03-13',
'description': 'Bayside Dental, a Washington-based dental practice in '
'Anacortes, suffered a ransomware attack on January 5, 2026, '
'when unauthorized access to its network was detected. The '
'company secured its systems and launched an investigation '
'with external cybersecurity experts, later confirming that '
'files containing personal health information (PHI) may have '
'been accessed or exfiltrated. The ransomware group Sinobi '
'claimed responsibility for the attack, asserting they had '
'stolen 580 GB of data and threatened to publish it on the '
'dark web.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': '580 GB',
'identity_theft_risk': 'High',
'legal_liabilities': 'Class action lawsuit investigation'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain, Data exfiltration',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Sinobi'},
'references': [{'source': 'Class action law firm (Shamis & Gentile P.A.)'}],
'regulatory_compliance': {'legal_actions': 'Class action lawsuit '
'investigation',
'regulations_violated': ['HIPAA']},
'response': {'containment_measures': 'Secured systems',
'incident_response_plan_activated': 'Yes',
'third_party_assistance': 'External cybersecurity experts'},
'threat_actor': 'Sinobi',
'title': 'Bayside Dental Ransomware Attack',
'type': 'Ransomware'}