Neurological Associates of Washington 2026 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
Neurological Associates of Washington Neurology Practice Breach (2026): Patient SSN Exposed
Neurology practice providing diagnostic and treatment services.
Verified by ObscureIQ Intelligence
94/100Breach Risk Index
22Data Value
80Market Recency
69dSince Breach
Breach Intelligence Summary
Entity: Neurological Associates of Washington · Actor: DragonForce · Sources: 2 references
Attack: Unknown
Profile: Healthcare provider · Neurology and specialty care services · Medical practice · USA
Timeline: Breach (2026-01-02) · Indexed (Feb 17, 2026) · Year (2026)
Exposure: 85K records · 3 fields: Full Name, Phone Number, Social Security Number
Status: Reported
Executive Summary
Neurological Associates of Washington, an independent neurology practice based in Kirkland, Washington, suffered a ransomware attack on December 27, 2025 that encrypted a server containing medical records from 2019 to 2025. The clinic discovered the incident on December 28, 2025. The DragonForce ransomware-as-a-service group claimed responsibility by listing the clinic on its dark-web leak site and asserting it had exfiltrated approximately 1.4 terabytes of data. DragonForce posted sample document images to substantiate its claim. The clinic publicly disclosed the incident to the Washington Attorney General on January 23, 2026 and began mailing notification letters to affected individuals on January 22, 2026. The breach affected approximately 13,500 Washington state residents per the formal Washington Attorney General notification. Compromised fields included names, addresses, dates of birth, Social Security numbers, health insurance policy or identification numbers, and medical information including diagnoses and disability codes. The DragonForce dataset reportedly contains the full 2019 to 2025 medical records archive, with approximately 1.4 terabytes of data including clinical documents and patient records. New patients added to the practice during 2025 are unlikely to have been affected because the practice had migrated to a cloud-based records system before the attack. For affected patients, the practical risk profile is unusually severe and durable because of the combination of identity-fraud exposure with neurology-specific sensitivity. The combination of name, date of birth, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms a neurology care relationship and the presence of a neurological diagnosis or disability code, which is itself unusually sensitive health information. Patients with documented disability codes face additional risk of disability-benefits fraud and discrimination-themed scams. Affected patients should accept the twelve months of identity-protection services offered by the practice, freeze credit at all three U.S. bureaus, monitor health-insurance and Social Security disability statements, and treat unsolicited contact referencing neurological care, disability claims, or insurance verification with caution.
ObscureIQ assessment: Severe risk of identity theft, medical fraud, and privacy harm. Neurology-related treatment context may be especially sensitive and can support targeted scams or stigma-based abuse.
Breach Impact
The institutional impact on Neurological Associates of Washington is meaningful given the small size of the practice and the sensitivity of neurological diagnostic information. Federal HIPAA notification obligations, an Office for Civil Rights review, Washington attorney-general filings, and active class-action litigation discussions are all underway. As a four-neurologist independent practice, Neurological Associates of Washington has limited resources for remediation, litigation, and credit monitoring obligations relative to larger healthcare organizations. The reputational impact is concentrated within the Seattle-area neurology referral network, where the breach may affect referring-physician relationships and ongoing patient acquisition. DragonForce's posting of sample document images as proof of compromise creates direct evidence of broad data exposure that strengthens future litigation.
About Neurological Associates of Washington
Neurological Associates of Washington is an independent neurology medical practice based in Kirkland, Washington, in the Seattle metropolitan area. Founded in 1974, the practice provides comprehensive neurological care, expert consultations, advanced diagnostics, and personalized treatment for a wide range of nervous system conditions. The practice operates with a team of four neurologists serving Washington state residents primarily through in-person consultations at its Kirkland location. As a HIPAA-regulated specialty medical practice, Neurological Associates of Washington maintains patient identity, contact, insurance, billing, appointment, diagnostic, and treatment records tied to neurological care, including potentially sensitive diagnoses and disability codes.
Why They Hold Your Data
Neurology practices collect highly sensitive patient identity, contact, insurance, billing, appointment, and treatment records tied to neurological and specialty medical care.
Recent Developments
Neurological Associates of Washington discovered a ransomware attack on December 28, 2025, the day after the intrusion occurred on December 27, 2025. The DragonForce ransomware-as-a-service group, an active threat actor since December 2023, claimed responsibility by listing the clinic on its dark-web leak site and asserting it had exfiltrated approximately 1.4 terabytes of data, posting sample document images as proof. The practice migrated its electronic health records to a cloud-based platform and isolated prior records on a computer with no internet access. Neurological Associates of Washington filed reports with the FBI, HHS, and the Washington Attorney General on January 23, 2026, and began mailing notification letters to affected individuals on January 22, 2026. The practice is offering twelve months of complimentary credit monitoring and identity protection services. Class-action investigations by U.S. plaintiff law firms began in early February 2026.
Data Points Exposed
3 verified field types
Full Name High
Phone Number
Social Security Number Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:High
Primary downstream threats:
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
Threat vectors:
- Name-based social engineering
- SIM swapping, vishing & SMS phishing
- Full identity theft & synthetic identity fraud
Threat Actor: DragonForce
DragonForce
Unknown
Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.
Recommended Actions
If you believe your information may be included:
Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the Neurological Associates of Washington breach?▾
Neurological Associates of Washington, an independent neurology practice based in Kirkland, Washington, suffered a ransomware attack on December 27, 2025 that encrypted a server containing medical records from 2019 to 2025. The clinic discovered the incident on December 28, 2025. The DragonForce…
What data was exposed?▾
Verified fields include Full Name, Phone Number, Social Security Number.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation