Class Action U Logo
Check Your Eligibility

Neurological Associates of Washington Data Breach

Neurological Associates of Washington, a healthcare provider in Kirkland, Washington, fell victim to a ransomware attack by the DragonForce hacker group on December 29, 2025. The breach exposed sensitive patient data, including medical records and personal information. If you were affected, it’s crucial to monitor your accounts and take protective measures. Victims may be entitled to compensation, and Class Action U can connect you with lawyers to explore your legal options.

Neurological Associates of Washington
Date of Breach: December 29, 2025
CAU logo

Who was affected:

Clients of Neurological Associates of Washington

Impacted Data:

Patient names

Addresses

Dates of birth

Medical records

Treatment histories

Insurance information

Other personal identifiers

Check Your Eligibility

Neurological Associates of Washington, a prominent medical practice located in Kirkland, Washington, has recently fallen victim to a ransomware attack. The breach, discovered on December 29, 2025, involved a significant data exfiltration, potentially exposing sensitive personal and medical information. The data breach was attributed to the DragonForce hacker group, a known Ransomware-as-a-Service (RaaS) entity.

Neurological Associates of Washington’s Data Breach Investigation

Neurological Associates of Washington, a healthcare provider specializing in neurological care, discovered unauthorized activity on December 28, 2025, when it was alerted to a ransomware attack targeting its network. The threat actor behind the attack, the DragonForce group, is known for its ransomware campaigns targeting various sectors, including healthcare. This particular attack resulted in the encryption of files and the exfiltration of 72.53GB of sensitive data.

As a healthcare provider, Neurological Associates of Washington handles Protected Health Information (PHI), which includes personal and medical data critical to patients’ care. The breach exposed an unknown number of individuals’ personal and health-related information, putting them at risk for identity theft, medical fraud, and other malicious activities.

The clinic’s response to the breach involved securing its network and launching an internal investigation to understand the full scope of the attack. As of now, Neurological Associates of Washington has not disclosed the exact number of patients affected but has indicated that individuals who were part of their patient base since the clinic’s founding in 1974 could be at risk.

Healthcare organizations like Neurological Associates of Washington are bound by HIPAA (Health Insurance Portability and Accountability Act), which requires them to notify affected individuals, report the breach to the Department of Health and Human Services (HHS), and in some cases, the media. The clinic is expected to follow these legal requirements, but the breach is still under investigation.

When Did This Breach Occur?

The breach was discovered on December 29, 2025, following unauthorized access to the clinic’s network that was first detected on December 28, 2025. The ransomware attack, attributed to DragonForce, may have been ongoing for some time before it was identified.

What Information Was Breached?

The 72.53GB of exfiltrated data may have contained the following types of sensitive information:

  • Patient names

  • Addresses

  • Dates of birth

  • Medical records

  • Treatment histories

  • Insurance information

  • Other personal identifiers

Given the nature of the breach, individuals affected could face risks such as identity theft, fraud, and misuse of their medical information, which could lead to significant financial and emotional harm.

What You Can Do

If you believe your personal or medical information was exposed during the Neurological Associates of Washington data breach, it is essential to take proactive steps to protect yourself:

  1. Monitor your accounts: Regularly check your bank accounts and credit card statements for unfamiliar charges.

  2. Review credit reports: Obtain free credit reports from major credit bureaus to spot any unusual activity.

  3. Watch for medical fraud: Examine Explanation of Benefits (EOB) statements for discrepancies or unfamiliar treatments.

  4. Set up fraud alerts: Consider placing fraud alerts or credit freezes with major credit bureaus to prevent identity theft.

  5. Stay vigilant: Be cautious of unsolicited calls, emails, or medical bills, as cybercriminals often use stolen data months or years later.

By taking these steps, you can help mitigate the potential consequences of the breach and safeguard your personal, financial, and medical information.

File a Data Breach Lawsuit Against Neurological Associates of Washington

If you received a notification from Neurological Associates of Washington or believe your personal information was exposed in this breach, you may be eligible to take legal action. Data breaches involving sensitive health information can result in severe consequences, and the victims may be entitled to compensation for the harm they have suffered.

At Class Action U, we are committed to helping you explore your legal options. If you believe you’ve been affected, reach out to us for a free consultation. We can connect you with experienced lawyers who specialize in data breach class action lawsuits and are ready to help you pursue justice.

Contact us at Class Action U today, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received a notice, or suspect you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner, and no obligation after speaking with someone from our team. Don’t wait—join the fight for justice today.

Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Neurological Associates of Washington Data Breach
Date of Breach: December 29, 2025
Clackamas Community College Data Breach
Date of Breach: September 10, 2025
Garten Services Data Breach
Date of Breach: December 4, 2025
Show More

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.