Iroquois Memorial Hospital 2026 Data Breach

Iroquois Memorial Hospital (IL) Breach (2025): ~600 Patient Records Including Medical Diagnoses & SSN Exposed via PEAR Ransomware | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

PEARRansomware / ExtortionMedicalEmail AddressFull NameMedical DiagnosisPhone NumberSocial Security Number
High SeverityWebsite / service breach

Iroquois Memorial Hospital (IL) Breach (2025): ~600 Patient Records Including Medical Diagnoses & SSN Exposed via PEAR Ransomware

Community hospital providing acute care and related medical services.

Verified by ObscureIQ Intelligence
94/100Breach Risk Index
52Data Value
60Market Recency
149dSince Breach

Breach Intelligence Summary

Entity: Iroquois Memorial Hospital · Actor: PEAR · Sources: 2 references
Attack: Ransomware / Extortion
Profile: Healthcare provider · Hospital and medical services · Community healthcare provider · USA
Timeline: Breach (2025-11-25) · Indexed (Feb 09, 2026) · Year (2026)
Exposure: 621 records · 5 fields: Email Address, Full Name, Medical Diagnosis, Phone Number, Social Security Number
Status: Confirmed

Executive Summary

Iroquois Memorial Hospital, a small community hospital in Watseka, Illinois, was attacked by the PEAR ransomware group on about November 25, 2025; the hospital discovered the intrusion on December 11, 2025 when PEAR posted its claim, asserting exfiltration of roughly 3.5 TB of data. The incident was disclosed to HHS on January 9, 2026, which lists 621 individuals affected. Exposed data reportedly included personal identifiers (including Social Security numbers) and protected health information such as diagnoses. (NOTE: the prior record listed ~1,367,755 affected, which is implausible for a small rural hospital and is contradicted by the HHS figure of 621; corrected.)

ObscureIQ assessment: High risk of identity theft, medical fraud, and privacy harm. Hospital affiliation also increases the credibility of scam outreach using care or billing pretexts.

Breach Impact

Although the volume of exfiltrated data was large (~3.5 TB, much of it likely operational), the confirmed patient impact is small, 621 individuals per the HHS breach portal. For those individuals, the combination of Social Security numbers and medical/diagnosis information still creates serious identity-theft and medical-fraud risk, and a rural community hospital may be the only local provider, heightening the personal impact.

About Iroquois Memorial Hospital

Iroquois Memorial Hospital is a small community acute-care hospital and health system based in Watseka, Illinois, serving the rural Iroquois County area. It provides inpatient, outpatient, emergency, and related medical services, maintaining patient identity, insurance, billing, and clinical records.

Why They Hold Your Data

Community hospitals collect patient identity, insurance, billing, and medical records tied to inpatient, outpatient, and administrative workflows.

Recent Developments

The PEAR ransomware group attacked Iroquois Memorial Hospital on about November 25, 2025 and posted its claim on December 11, 2025 (when the hospital discovered the intrusion), asserting exfiltration of roughly 3.5 terabytes of data. The hospital disclosed the incident to HHS on January 9, 2026, reporting 621 individuals affected. Class-action investigations followed.

Data Points Exposed

5 verified field types
Email Address
Full Name High
Medical Diagnosis Critical
Phone Number
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:High
Primary downstream threats:
  • Identity theft and synthetic identity construction using SSN
  • Medical identity fraud and insurance abuse using diagnosis/health data
  • Targeted phishing and vishing referencing hospital care or billing
  • SIM swap attacks where phone numbers are present
Threat vectors:
  • Medical extortion, insurance fraud & discrimination
  • Full identity theft & synthetic identity fraud
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing

Threat Actor: PEAR

PEAR
Ransomware / Extortion

Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the Iroquois Memorial Hospital breach?

Iroquois Memorial Hospital, a small community hospital in Watseka, Illinois, was attacked by the PEAR ransomware group on about November 25, 2025; the hospital discovered the intrusion on December 11, 2025 when PEAR posted its claim, asserting exfiltration of roughly 3.5 TB of data. The incident…

What data was exposed?

Verified fields include Email Address, Full Name, Medical Diagnosis, Phone Number, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation