• Home
  • cyber
  • PIH Health: PIH Health Discloses Data Breach Following Ransomware Attack
cyber Breach

PIH Health: PIH Health Discloses Data Breach Following Ransomware Attack

Nov 14, 2024 2 min read
PIH Health: PIH Health Discloses Data Breach Following Ransomware Attack

PIH Health Data Breach Exposes Personal Information in Targeted Cyberattack

PIH Health, a healthcare provider, suffered a significant data breach between November 14 and December 2, 2024, after detecting unusual network activity on December 1, 2024. The company swiftly secured its systems and launched an investigation with third-party cybersecurity experts.

By December 16, 2025, PIH Health confirmed that unauthorized access had exposed files containing personal information. The review process concluded on February 25, 2026, identifying affected individuals, and the breach was officially disclosed to the California Attorney General on February 27, 2026. The incident impacted individuals across multiple states, including at least 174 Rhode Island residents.

A threat actor known as Dreamer2000 claimed responsibility for the breach on December 13, 2024, posting details on an open web forum and characterizing it as a targeted data leak attack.

In response, PIH Health is offering complimentary identity protection services through Experian IdentityWorks, including credit monitoring, identity restoration support, and up to $1 million in identity theft insurance for affected individuals. While no misuse of the exposed data has been reported, the company has implemented additional security measures to prevent future incidents.

Affected individuals were notified via mail with enrollment instructions for the protection services. Support is available through Experian’s customer care team for identity restoration and credit monitoring.

Source: https://www.claimdepot.com/data-breach/pih-health-2026

PIH Health cybersecurity rating report: https://www.rankiteo.com/company/pih-health

"id": "PIH1772490626",
"linkid": "pih-health",
"type": "Breach",
"date": "11/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'At least 174 Rhode Island '
                                              'residents (and others across '
                                              'multiple states)',
                        'industry': 'Healthcare',
                        'location': 'United States',
                        'name': 'PIH Health',
                        'type': 'Healthcare Provider'}],
 'customer_advisories': 'Notified affected individuals via mail with '
                        'enrollment instructions for protection services. '
                        'Support available through Experian’s customer care '
                        'team.',
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Personal information'},
 'date_detected': '2024-12-01',
 'date_publicly_disclosed': '2026-02-27',
 'date_resolved': '2026-02-25',
 'description': 'PIH Health, a healthcare provider, suffered a significant '
                'data breach between November 14 and December 2, 2024, after '
                'detecting unusual network activity on December 1, 2024. The '
                'company confirmed unauthorized access had exposed files '
                'containing personal information, impacting individuals across '
                'multiple states, including at least 174 Rhode Island '
                'residents. The threat actor Dreamer2000 claimed '
                'responsibility for the breach on December 13, 2024, '
                'characterizing it as a targeted data leak attack.',
 'impact': {'data_compromised': 'Personal information',
            'identity_theft_risk': 'High'},
 'investigation_status': 'Concluded',
 'motivation': 'Targeted data leak attack',
 'post_incident_analysis': {'corrective_actions': 'Additional security '
                                                  'measures implemented'},
 'recommendations': 'Offered complimentary identity protection services '
                    '(Experian IdentityWorks), including credit monitoring, '
                    'identity restoration support, and up to $1 million in '
                    'identity theft insurance.',
 'references': [{'source': 'California Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'California Attorney '
                                                       'General'},
 'response': {'communication_strategy': 'Notified affected individuals via '
                                        'mail',
              'containment_measures': 'Secured systems',
              'incident_response_plan_activated': 'Yes',
              'remediation_measures': 'Additional security measures '
                                      'implemented',
              'third_party_assistance': 'Yes (cybersecurity experts)'},
 'threat_actor': 'Dreamer2000',
 'title': 'PIH Health Data Breach Exposes Personal Information in Targeted '
          'Cyberattack',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.