Glendale obgyn 2025 Data Breach

Glendale OBGYN Women's Health Practice Breach (2025): Patient SSN & Home Address Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

SafePayMedicalEmail AddressPhone NumberPhysical AddressSocial Security Number
High SeverityWebsite / service breach

Glendale OBGYN Women's Health Practice Breach (2025): Patient SSN & Home Address Exposed

Obstetrics and gynecology practice.

Verified by ObscureIQ Intelligence
87/100Breach Risk Index
27Data Value
60Market Recency
127dSince Breach

Breach Intelligence Summary

Entity: Glendale obgyn · Actor: SafePay · Sources: 2 references
Attack: Unknown
Profile: Healthcare provider · Obstetrics and gynecology services · Specialty clinic · USA
Timeline: Breach (2025-11-13) · Indexed (Dec 21, 2025) · Year (2025)
Exposure: 34K records · 4 fields: Email Address, Phone Number, Physical Address, Social Security Number
Status: Reported

Executive Summary

Glendale Obstetrics and Gynecology, PC, an all-female women's health practice based in Glendale, Arizona, identified a network disruption on October 25, 2025 affecting a portion of its digital environment. The practice engaged outside cybersecurity specialists and confirmed that certain files were acquired by an unauthorized individual. The SafePay ransomware group claimed responsibility on November 11, 2025 by listing the clinic on its Tor-based dark-web leak site and threatening to release patient data unless ransom negotiations were initiated. Glendale OBGYN reported the breach to the U.S. Department of Health and Human Services on December 24, 2025. The breach affected approximately 34,000 individuals based on records indexed by breach-tracking services. Compromised fields included names, addresses, dates of birth, driver's license information, Social Security numbers, medical information, and health insurance information. As an obstetrics and gynecology practice, the underlying records exfiltrated by the attackers also include reproductive-health treatment records, prenatal care histories, gynecological diagnoses, and ultrasound and imaging records typical of an OBGYN operation, beyond the more limited field set surfaced publicly. For affected patients, the practical risk profile is unusually severe and durable because of the combination of identity-fraud exposure with reproductive-health-specific sensitivity. The combination of name, date of birth, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms a women's-health care relationship and may reference pregnancy status, gynecological diagnoses, or reproductive-health decisions, which can support targeted scams referencing real care episodes. The sensitivity of reproductive-health information also raises concerns about coercive abuse, employer or partner targeting, and discrimination, particularly for patients who may not have shared their care history with family members or employers. Affected patients should freeze credit at all three U.S. bureaus, monitor health-insurance statements, and treat unsolicited contact referencing Glendale OBGYN, prenatal care, or related services with caution.

ObscureIQ assessment: Extremely sensitive. Exposure can enable identity theft, medical fraud, and serious privacy harm tied to reproductive and gynecological care, including targeted scams or coercive abuse.

Breach Impact

The institutional impact on Glendale OBGYN is meaningful given the small size of the practice and the unusual sensitivity of women's-health diagnostic and treatment information. Federal HIPAA notification obligations, an Office for Civil Rights review, Arizona attorney-general filings, and active class-action litigation discussions are all underway. The reputational impact is concentrated within the Phoenix-area women's-health market, where patient retention is especially consequential because of the long-term relational nature of obstetric and gynecological care. Operationally, the practice reported a network disruption affecting a portion of its digital environment but has continued to provide patient care. The sensitivity of stolen reproductive-health information adds non-financial harm considerations that may strengthen litigation.

About Glendale obgyn

Glendale Obstetrics and Gynecology, PC (Glendale OBGYN) is an all-female obstetrics and gynecology practice with several locations in Arizona, headquartered in Glendale. The practice provides comprehensive women's health services including obstetrics, gynecology, prenatal care, ultrasounds, well-woman exams, and related reproductive-health services. As a HIPAA-regulated specialty medical practice focused on women's health, Glendale OBGYN maintains highly sensitive patient identity, contact, insurance, billing, appointment, and reproductive-health treatment records, alongside diagnostic imaging, prenatal care histories, and gynecological diagnoses typical of an obstetrics and gynecology operation.

Why They Hold Your Data

OBGYN practices collect highly sensitive patient identity, contact, insurance, billing, appointment, and reproductive-health treatment records across specialty care workflows.

Recent Developments

Glendale OBGYN identified a network disruption on October 25, 2025 affecting a portion of its digital environment. The practice took immediate steps to secure the environment and engaged outside cybersecurity specialists. The SafePay ransomware group publicly claimed responsibility on November 11, 2025 by listing Glendale OBGYN on its Tor-based dark-web leak site and threatening to release stolen patient data unless ransom negotiations were initiated. Glendale OBGYN reported the breach to the U.S. Department of Health and Human Services on December 24, 2025 and began identifying contact information for direct notification of affected individuals. Class-action investigations by U.S. plaintiff law firms began organizing in late December 2025.

Data Points Exposed

4 verified field types
Email Address
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:High
Primary downstream threats:
  • Identity theft and synthetic identity construction using government-issued IDs
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat
  • Full identity theft & synthetic identity fraud

Threat Actor: SafePay

SafePay
Unknown

Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
IdentityTheft.gov
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Glendale obgyn breach?

Glendale Obstetrics and Gynecology, PC, an all-female women's health practice based in Glendale, Arizona, identified a network disruption on October 25, 2025 affecting a portion of its digital environment. The practice engaged outside cybersecurity specialists and confirmed that certain files were…

What data was exposed?

Verified fields include Email Address, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation