CommonSpirit Health Vendor Breach Exposes Data of Nearly 20,000 Washington Residents
A ransomware attack on Pinnacle Holdings, LTD, a healthcare consulting vendor, has led to the exposure of sensitive personal data linked to CommonSpirit Health, one of the largest nonprofit health systems in the U.S. The incident, discovered on November 25, 2024, involved unauthorized access to Pinnacle’s network between November 11 and November 25, 2024, during which a threat actor copied personally identifiable information (PII).
Pinnacle, which provides services to Northgauge Healthcare Advisors, a contractor for CommonSpirit Health, isolated its systems and launched an investigation following the breach. However, delays in notification meant that Northgauge was only informed in November 2025, with impacted individuals not identified until January 30, 2026. CommonSpirit Health was notified of affected Washington residents on February 2, 2026.
The exposed data includes names, full dates of birth, medical information, and other unspecified details. The breach was reported to the Washington Attorney General, with 19,027 state residents confirmed as affected. CommonSpirit Health has since posted a notice on its website regarding the incident.
The law firm Shamis & Gentile P.A. is investigating potential compensation for those impacted, citing eligibility for damages related to the exposure of personal data. The breach highlights risks associated with third-party vendors in healthcare cybersecurity.
Source: https://www.claimdepot.com/investigations/commonspirit-health-data-breach-2026
CommonSpirit Health cybersecurity rating report: https://www.rankiteo.com/company/commonspirithealth
Pinnacle Healthcare Consulting cybersecurity rating report: https://www.rankiteo.com/company/pinnacle-healthcare-consulting-llc
"id": "COMPIN1773247957",
"linkid": "commonspirithealth, pinnacle-healthcare-consulting-llc",
"type": "Breach",
"date": "11/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '19,027 Washington residents',
'industry': 'Healthcare',
'location': 'U.S.',
'name': 'CommonSpirit Health',
'size': 'Large (nonprofit)',
'type': 'Healthcare System'},
{'industry': 'Healthcare Consulting',
'name': 'Pinnacle Holdings, LTD',
'type': 'Healthcare Consulting Vendor'},
{'industry': 'Healthcare',
'name': 'Northgauge Healthcare Advisors',
'type': 'Contractor'}],
'attack_vector': 'Unauthorized network access',
'customer_advisories': 'Notice posted on CommonSpirit Health website',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '19,027',
'personally_identifiable_information': 'Names, full dates of '
'birth, medical '
'information',
'sensitivity_of_data': 'High (names, full dates of birth, '
'medical information)',
'type_of_data_compromised': 'Personally identifiable '
'information (PII), medical '
'information'},
'date_detected': '2024-11-25',
'date_publicly_disclosed': '2026-02-02',
'description': 'A ransomware attack on Pinnacle Holdings, LTD, a healthcare '
'consulting vendor, has led to the exposure of sensitive '
'personal data linked to CommonSpirit Health, one of the '
'largest nonprofit health systems in the U.S. The incident '
'involved unauthorized access to Pinnacle’s network, during '
'which a threat actor copied personally identifiable '
'information (PII).',
'impact': {'brand_reputation_impact': 'Potential reputational damage to '
'CommonSpirit Health',
'data_compromised': 'Personally identifiable information (PII), '
'medical information',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential legal actions and fines',
'operational_impact': 'Delayed notifications to affected parties',
'systems_affected': 'Pinnacle Holdings, LTD network'},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': 'Yes'},
'references': [{'source': 'Washington Attorney General'},
{'source': 'CommonSpirit Health website notice'}],
'regulatory_compliance': {'legal_actions': 'Potential investigation by Shamis '
'& Gentile P.A. for compensation',
'regulatory_notifications': 'Reported to Washington '
'Attorney General'},
'response': {'communication_strategy': 'Posted notice on CommonSpirit Health '
'website, reported to Washington '
'Attorney General',
'containment_measures': 'Isolated systems'},
'title': 'CommonSpirit Health Vendor Breach Exposes Data of Nearly 20,000 '
'Washington Residents',
'type': 'Ransomware'}