Western Orthopaedics 2025 Data Breach

Western Orthopaedics Surgical Practice Breach (2025): 113K Patient Records Including SSN Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

PEARRansomware / ExtortionMedicalEmail AddressFull NamePhone NumberPhysical AddressSocial Security Number
High SeverityWebsite / service breach

Western Orthopaedics Surgical Practice Breach (2025): 113K Patient Records Including SSN Exposed

Orthopedic surgery and musculoskeletal care practice.

Verified by ObscureIQ Intelligence
77/100Breach Risk Index
40Data Value
40Market Recency
256dSince Breach

Breach Intelligence Summary

Entity: Western Orthopaedics · Actor: PEAR (Pure Extraction And Ransom) · Sources: 2 references
Attack: Ransomware / Extortion
Profile: Healthcare provider · Orthopedic care and surgery · Specialty clinic network · USA
Timeline: Breach (2025-09-17) · Year (2025)
Exposure: 113K records · 5 fields: Email Address, Full Name, Phone Number, Physical Address, Social Security Number
Status: Confirmed

Executive Summary

Between approximately September 17 and 25, 2025, an unauthorized party accessed and exfiltrated data from Western Orthopaedics, P.C. On October 4, 2025, the PEAR ransomware group claimed the attack on its dark-web leak site. Initially unconfirmed, the practice later confirmed the breach and notified 113,330 individuals in 2026. DataBreach.com’s independent parse of the leaked dataset confirmed circulating fields: names, home addresses, phone numbers, emails, and Social Security numbers. The company’s notification additionally reported that dates of birth and financial account, credit/debit card, and medical information may have been involved; those categories were not confirmed in the parsed circulating dump. Affected individuals were offered credit monitoring through Epiq. (Note: DataBreach parsed field-level tallies such as 193,000 phone numbers; the confirmed affected-individual count is 113,330.)

ObscureIQ assessment: Severe risk of identity theft, medical fraud, and privacy harm. Orthopedic and surgical context also increases the value of billing and treatment-themed phishing.

Breach Impact

The confirmed circulating data (names, addresses, phone numbers, emails, and Social Security numbers) for more than 113,000 patients creates substantial identity-theft and phishing risk. The company’s notification also reported potential exposure of dates of birth, payment-card/financial account, and medical information; if those are in the full dump, identity-, payment-, and medical-fraud risk rises materially. The surgical-care context adds credibility to treatment- and billing-themed scams, and the incident has generated class-action liability.

About Western Orthopaedics

Western Orthopaedics, P.C. is an established orthopedic surgery and musculoskeletal care practice based in the Denver/Englewood, Colorado area, in operation since 1938. It provides conservative and surgical treatment for injuries of the neck, shoulder, elbow, wrist, hand, back, hip, knee, ankle, and foot, along with imaging, physical therapy, and durable medical equipment services. The practice is affiliated with the HCA HealthONE system.

Why They Hold Your Data

Orthopedic clinic networks collect patient identity, contact, insurance, billing, appointment, imaging, and treatment records across specialty care operations.

Recent Developments

Western Orthopaedics joined the HCA HealthONE system. After an unauthorized party accessed its systems in September 2025, the practice confirmed the breach and notified 113,330 individuals in 2026, offering complimentary credit monitoring and identity protection through Epiq. Multiple law firms have since launched class-action investigations into the incident.

Data Points Exposed

5 verified field types
Email Address
Full Name High
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Payment fraud and unauthorized charges using exposed financial account and card numbers
  • Identity theft and synthetic identity construction using SSN and DOB
  • Medical identity fraud and insurance abuse using health information
  • Targeted phishing and vishing referencing orthopedic/surgical care
  • Doxxing and physical targeting from exposed home addresses
Threat vectors:
  • Financial account & payment card fraud
  • Full identity theft & synthetic identity fraud
  • Medical extortion, insurance fraud & discrimination
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat

Threat Actor: PEAR (Pure Extraction And Ransom)

PEAR (Pure Extraction And Ransom)
Ransomware / Extortion

Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the Western Orthopaedics breach?

Between approximately September 17 and 25, 2025, an unauthorized party accessed and exfiltrated data from Western Orthopaedics, P.C. On October 4, 2025, the PEAR ransomware group claimed the attack on its dark-web leak site. Initially unconfirmed, the practice later confirmed the breach and…

What data was exposed?

Verified fields include Email Address, Full Name, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation