Coalinga Regional Medical Center 2025 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
Coalinga Regional Medical Center Critical Access Hospital Breach (2025): Patient SSN Exposed
Critical access hospital and community healthcare provider.
Verified by ObscureIQ Intelligence
77/100Breach Risk Index
27Data Value
40Market Recency
208dSince Breach
Breach Intelligence Summary
Entity: Coalinga Regional Medical Center · Actor: World Leaks · Sources: 2 references
Attack: Unknown
Profile: Healthcare provider · Hospital and emergency care services · Regional medical center · USA
Timeline: Breach (2025-07-10) · Indexed (Oct 01, 2025) · Year (2025)
Exposure: 13K records · 4 fields: Email Address, Phone Number, Physical Address, Social Security Number
Status: Reported
Executive Summary
Coalinga Regional Medical Center, a critical-access hospital in Coalinga, California, was identified in early July 2025 as a victim of a ransomware attack claimed by the World Leaks ransomware group. The threat actor listed the hospital on its dark-web leak site, indicating data theft from CRMC's systems. The hospital has not extensively detailed the incident in public statements as of this writing.\n\nThe breach affected approximately 13,000 individuals based on records indexed by breach-tracking services. Compromised fields included email addresses, phone numbers, home addresses, and Social Security numbers. As a hospital, the underlying records exfiltrated by the attackers also include patient identity, insurance, billing, and clinical information typical of an emergency, inpatient, and outpatient operation, beyond the more limited field set surfaced publicly.\n\nFor affected patients, the practical risk profile combines identity-fraud exposure with rural-hospital-specific risks. The combination of name, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms a hospital-care relationship in a small rural community where individuals may be readily identifiable based on name and address alone. Patients in rural areas often have fewer financial-fraud detection resources and may face greater difficulty unwinding identity-theft consequences. Affected individuals should freeze credit at all three U.S. bureaus, monitor health-insurance statements, and treat unsolicited contact referencing Coalinga RMC or past hospital visits with caution.
ObscureIQ assessment: Severe risk. Exposure enables identity theft, medical fraud, insurance abuse, and targeted scams exploiting patient status or treatment relationships.
Breach Impact
The institutional impact on Coalinga RMC is meaningful given the hospital's status as the primary acute-care provider for its rural region. Federal HIPAA notification obligations, an Office for Civil Rights review, California attorney-general filings, and emerging class-action investigations create a substantial compliance and litigation pipeline. As a critical-access hospital, Coalinga RMC operates with limited cybersecurity budget and staffing relative to larger metropolitan hospitals, which is a known industry-wide vulnerability. The reputational impact is concentrated within the local agricultural region, where the hospital often serves the same families across generations and where patient trust is unusually consequential. Operationally, the hospital continues to provide patient care.
About Coalinga Regional Medical Center
Coalinga Regional Medical Center (CRMC) is a critical-access hospital in Coalinga, California, providing emergency, inpatient, outpatient, and routine care to residents of western Fresno County and the surrounding rural region. The facility operates under federal Critical Access Hospital designation, which provides Medicare reimbursement enhancements for small rural hospitals serving geographically isolated communities. As a HIPAA-regulated rural hospital, Coalinga RMC maintains patient identity, contact, insurance, billing, and clinical records across its emergency, inpatient, and outpatient operations. The patient base is concentrated in a rural agricultural region of central California where the hospital often serves as the primary local provider for acute and routine care.
Why They Hold Your Data
Regional hospitals collect patient identity, contact, insurance, billing, and medical records across emergency, inpatient, outpatient, and administrative systems.
Recent Developments
Coalinga Regional Medical Center was identified as a victim of the World Leaks ransomware group in early July 2025, with the threat actor claiming responsibility and listing the hospital on its dark-web leak site. The hospital has continued to operate following the incident, although detailed public disclosure has been limited as of this writing. U.S. plaintiff law firms began organizing class-action investigations following the breach claim. The World Leaks group has been active throughout 2025 with multiple healthcare and senior-care victims, including Family Farm and Home and Heritage Communities earlier in the year. As a critical-access hospital, Coalinga RMC operates under federal Medicare reimbursement rules that include cybersecurity-readiness expectations.
Data Points Exposed
4 verified field types
Email Address
Phone Number
Physical Address High
Social Security Number Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:High
Primary downstream threats:
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat vectors:
- Phishing, credential stuffing & account takeover
- SIM swapping, vishing & SMS phishing
- Physical stalking, mail fraud & identity verification
- Home targeting, stalking & physical threat
- Full identity theft & synthetic identity fraud
Threat Actor: World Leaks
World Leaks
Unknown
Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.
Recommended Actions
If you believe your information may be included:
Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the Coalinga Regional Medical Center breach?▾
Coalinga Regional Medical Center, a critical-access hospital in Coalinga, California, was identified in early July 2025 as a victim of a ransomware attack claimed by the World Leaks ransomware group. The threat actor listed the hospital on its dark-web leak site, indicating data theft from CRMC's…
What data was exposed?▾
Verified fields include Email Address, Phone Number, Physical Address, Social Security Number.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation