GLENDALE, Calif. — A data breach at Glendale Obstetrics & Gynecology has exposed patients’ protected health information, including medical records and personal identifiers, according to cybersecurity analysts and regulatory filings. The incident, discovered last week, potentially affects thousands of current and former patients.
The clinic notified federal regulators of the breach under HIPAA requirements, though the exact number of compromised records remains unclear. Sources familiar with the investigation say hackers accessed a patient portal database containing names, addresses, insurance details, and clinical notes. “This is exactly the type of sensitive data that commands premium prices on dark web markets,” said a cybersecurity expert at a major threat intelligence firm who requested anonymity due to ongoing investigations.
Healthcare data breaches have surged 45% year-over-year according to HHS Office for Civil Rights statistics. Glendale OB-GYN’s website currently displays a banner acknowledging “recent IT security issues” and directing patients to a dedicated call center. The practice has not confirmed whether ransomware was involved, though analysts note the breach follows the MOVEit vulnerability pattern affecting hundreds of healthcare providers this year.
Legal experts predict regulatory penalties could exceed $1.2 million if investigators determine inadequate security measures were in place. California’s privacy laws allow individual lawsuits for medical data exposure, potentially creating a class-action liability. “This breach illustrates why healthcare remains hackers’ top target,” said a Department of Health and Human Services spokesperson. “Medical records contain immutable identifiers that fuel identity theft for years.”