Tri-Century Eye Care and Western Orthopaedics: Western Orthopaedics warns 113,000+ people of data breach that leaked SSNs, credit cards, and medical info

Western Orthopaedics Suffers Massive Data Breach Affecting 113,000 Patients

Western Orthopaedics, a Colorado-based orthopedic clinic with locations in Denver, Littleton, and Englewood, confirmed a September 2025 data breach exposing sensitive personal and medical information of 113,330 individuals. The compromised data includes names, Social Security numbers, financial account details, credit/debit card numbers, health insurance information, medical provider records, billing data, phone numbers, dates of birth, and addresses.

The clinic detected the breach on October 2, 2025, after an unauthorized third party accessed its network between September 17 and 25. The ransomware group PEAR (Pure Extraction and Ransom) claimed responsibility, alleging it stole 1.7 TB of data and published it on September 30. Western Orthopaedics has not confirmed PEAR’s involvement, and details about ransom demands or payment remain undisclosed.

As part of its response, Western Orthopaedics is offering affected individuals free credit monitoring and identity theft protection through Epiq.

PEAR’s Growing Threat to Healthcare
PEAR, a ransomware group active since August 2025, specializes in data theft and extortion rather than encryption. It has claimed 82 attacks, with 16 confirmed, including six targeting healthcare providers. Other recent victims include Tri-Century Eye Care (200,000 records exposed) and Brevard Skin and Cancer Center (55,000 records exposed).

Ransomware’s Impact on U.S. Healthcare
In 2025, 139 confirmed ransomware attacks on U.S. healthcare providers compromised 12.3 million records. So far in 2026, 14 additional attacks have been reported, with groups like Rhysida, Qilin, and Inc targeting medical organizations. Unlike traditional ransomware, PEAR’s tactic focuses solely on data theft, threatening to leak sensitive information unless a ransom is paid.

Source: https://www.comparitech.com/news/western-orthopaedics-warns-113000-people-of-data-breach-that-leaked-ssns-credit-cards-and-medical-info/

Nirschl Orthopaedic Center cybersecurity rating report: https://www.rankiteo.com/company/nirschl-orthopaedic-center

Western Orthopaedic Association cybersecurity rating report: https://www.rankiteo.com/company/western-orthopaedic-association

"id": "NIRWES1778776360",
"linkid": "nirschl-orthopaedic-center, western-orthopaedic-association",
"type": "Ransomware",
"date": "9/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '113,330',
                        'industry': 'Healthcare',
                        'location': 'Denver, Littleton, Englewood, Colorado, '
                                    'USA',
                        'name': 'Western Orthopaedics',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Unauthorized network access',
 'customer_advisories': 'Free credit monitoring and identity theft protection '
                        'offered to affected individuals',
 'data_breach': {'data_exfiltration': 'Yes (1.7 TB)',
                 'number_of_records_exposed': '113,330',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Social Security numbers',
                                              'Financial account details',
                                              'Credit/debit card numbers',
                                              'Health insurance information',
                                              'Medical provider records',
                                              'Billing data',
                                              'Phone numbers',
                                              'Dates of birth',
                                              'Addresses']},
 'date_detected': '2025-10-02',
 'description': 'Western Orthopaedics, a Colorado-based orthopedic clinic, '
                'confirmed a September 2025 data breach exposing sensitive '
                'personal and medical information of 113,330 individuals. The '
                "breach involved unauthorized access to the clinic's network, "
                'with the ransomware group PEAR claiming responsibility for '
                'stealing 1.7 TB of data.',
 'impact': {'brand_reputation_impact': 'Likely significant',
            'data_compromised': '1.7 TB',
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High',
            'systems_affected': 'Network systems'},
 'investigation_status': 'Ongoing',
 'motivation': 'Data theft and extortion',
 'ransomware': {'data_encryption': 'No (focused on data theft)',
                'data_exfiltration': 'Yes (1.7 TB)',
                'ransomware_strain': 'PEAR (Pure Extraction and Ransom)'},
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'communication_strategy': 'Public disclosure, offering free '
                                        'credit monitoring',
              'third_party_assistance': 'Epiq (credit monitoring and identity '
                                        'theft protection)'},
 'threat_actor': 'PEAR (Pure Extraction and Ransom)',
 'title': 'Western Orthopaedics Data Breach Affecting 113,000 Patients',
 'type': 'Data Breach, Ransomware'}