Ransomware victim disclosure
← All victimsPacific HealthWorks
Claimed by Everest · listed 11 months ago
Status timeline
- ListedAug 8, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Aug 8, 2025
About the victim
AI dossier — public-source company profilePacific HealthWorks is a physician practice management company based in El Segundo, California, providing management and administrative services to healthcare practitioners and facilities across the Western United States. The company manages over 70 entities, contracts with over 1,200 providers, and processes over 1.4 million patient encounters annually, offering services including revenue cycle management, practice management, physician support, and analytics.
- Industry
- Healthcare Management Services / Physician Practice Management
- Address
- 898 N. Pacific Coast Highway, Suite #600, El Segundo, CA 90245, United States
- Employees
- 51-200
- Founded
- 2009
Attack summary
Severity: critical — Healthcare MSO with access to protected health information (PHI) for 1,200+ providers and 1.4M+ annual patient encounters. Confirmed data publication by ransomware group. Breach of healthcare management company likely exposes regulated medical data at scale, affecting multiple medical practices and patients.The Everest group claims to have compromised Pacific HealthWorks and published exfiltrated data. The specific data types and operational impact are not detailed in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Practice management records
- Provider information
- Patient encounter data
- Billing and revenue cycle data
- Administrative records
- Credentialing documents
Original description
AI-summarised, not from the leak postPacific HealthWorks is a management services organization based in Los Angeles, United States. The company primarily provides comprehensive management, administrative, and support services to healthcare practitioners and facilities, including doctors’ offices, healthcare clinics, and other related medical entities. They focus on business and operational aspects so the medical professionals can concentrate on patient care.
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

