Active breach tracker Seattle and Tacoma Disclosed July 21, 2025

32 Pearls Data Breach 2025: 23,517 Seattle and Tacoma Dental Patients Exposed. Ransomware Encryption. SSN and Driver's License Numbers Compromised. What To Do

Dr. Michael Bilikas and Associates, doing business as 32 Pearls, a Seattle and Tacoma dental practice, disclosed a May 2025 ransomware attack that encrypted files on its systems and exposed names, addresses, dates of birth, Social Security numbers, driver's license numbers, health insurance information, and medical records for 23,517 current and former patients. 12 months of IDX identity theft protection offered. Here is what to do.

You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.

By HealthConsent Editorial Last updated Sources & methodology

Timeline

May 19, 2025

Unauthorized actor gains access to internal systems

May 22, 2025

Ransomware encryption detected; access terminated

Jun 21, 2025

Notice filed with the Washington State Attorney General; patient notifications begin

Jul 15, 2025

Strauss Borrelli PLLC announces class action investigation

Jul 18, 2025

Forensic file review completed; scope of exposed data confirmed

Jul 21, 2025

Reported to HHS OCR (23,517 affected)

Oct 18, 2025

Deadline to enroll in complimentary IDX identity theft protection

Data exposed

01

High-risk identity

Enables financial + identity theft

Date of birth Social Security number Driver's license number / Washington state ID card number

03

Contact & insurance

Phishing + targeted scams

Full name Address Health insurance policy / member ID number Medical information

Class actions filed by

These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.

Strauss Borrelli PLLC (publicly investigating, July 15, 2025) ClassAction.org-affiliated attorneys (publicly investigating) ClaimDepot-affiliated firms (publicly investigating)
If you received a letter

Your action plan, in five steps.

You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.

01

Accept credit monitoring

It’s the floor of the response. Take it.

02

Freeze your credit

Free at Equifax, Experian, TransUnion.

03

File IRS Form 14039

Prevent fraudulent tax return under your SSN.

04

Review your EOBs

Insurance statements catch medical identity theft early.

05

Stop the ongoing flow

Credit monitoring doesn’t cover your health records. HealthConsent does.

Jump to step 5: protect my health data

What happened

32 Pearls is a Washington-state dental group operating family, cosmetic, and implant dentistry locations in Seattle and Tacoma (University Place), led by Dr. Michael Bilikas. Legal name on the HHS OCR portal: Dr. Michael Bilikas and Associates.

On May 22, 2025, staff discovered that ransomware had encrypted certain files on the practice’s systems. A forensic investigation determined unauthorized access occurred between May 19 and May 22, 2025. The file review was completed on July 18, 2025, confirming that the unauthorized actor accessed files containing personal and protected health information for 23,517 current and former patients.

The practice filed notice with the Washington Attorney General on June 21, 2025, mailed individual notification letters around the same time, and reported the incident to HHS OCR on July 21, 2025. No specific ransomware group has publicly claimed the 32 Pearls intrusion, and no leak-site listing for the practice has been observed.

Timeline

  • May 19, 2025. Unauthorized actor gains access to 32 Pearls systems.
  • May 22, 2025. Ransomware encryption detected; access cut off.
  • June 21, 2025. Notice filed with the Washington State Attorney General; patient notifications begin.
  • July 15, 2025. Strauss Borrelli PLLC announces a class action investigation.
  • July 18, 2025. Forensic file review completed; data elements confirmed.
  • July 21, 2025. Breach reported to HHS OCR (23,517 affected).
  • October 18, 2025. Deadline to enroll in complimentary IDX identity theft protection.

What was exposed

According to the practice’s notice and corroborating coverage, the impacted files contained:

  • Full name
  • Address
  • Date of birth
  • Social Security number
  • Driver’s license number / Washington state ID card number
  • Health insurance policy or member ID number
  • Medical information (treatment-related records)

The combination of Social Security number, driver’s license number, and date of birth is a full identity-theft kit. The exposure of health insurance and medical information also creates medical-identity-fraud risk.

What 32 Pearls is offering

  • 12 months of complimentary identity theft protection through IDX (a ZeroFox company), including credit and CyberScan monitoring, a $1 million insurance reimbursement policy, and fully managed identity-theft recovery services.
  • Enrollment deadline: October 18, 2025. If you missed it, see the alternative protections below.
  • Security uplift: cybersecurity experts engaged, systems and security practices under review, additional safeguards being implemented.
  • Notice statement: the practice is “unaware of any misuse of patient information.”

The 12-month IDX offer is the standard for breaches of this size and severity, but coverage ends quickly relative to the lifetime risk of an SSN and driver’s license number exposure.

Class action status

  • Strauss Borrelli PLLC opened a public investigation on July 15, 2025.
  • ClassAction.org is collecting affected-individual contacts for plaintiff-firm referrals.
  • ClaimDepot is also routing intake.

No filed complaint has been published to a court docket as of this writing. Expect filings as plaintiff firms complete intake. The SSN + driver’s license + medical-record combination is the kind of disclosure that typically draws filings.

What to do

  1. Enroll in the IDX offer if you still can. If you missed the October 18, 2025 deadline, contact 32 Pearls and ask for a courtesy extension; many practices honor late enrollments.
  2. Place free credit freezes at Equifax, Experian, and TransUnion. This is more protective than monitoring alone and stays in effect indefinitely.
  3. Request a new Washington driver’s license or ID number through the Washington Department of Licensing if your DL number was disclosed.
  4. File IRS Form 14039 (Identity Theft Affidavit) if you see suspicious tax activity, and request an IRS IP PIN.
  5. Watch your health insurance Explanation of Benefits statements for treatment you did not receive. Medical identity fraud is the slowest-detected and hardest-to-unwind consequence of dental and medical breaches.
  6. Stop the ongoing flow of your dental treatment data. HealthConsent files HIPAA restriction requests so the data exposed in this breach is not continuously re-shared.

Sources

Continue reading

Stop your data from spreading further

Credit monitoring covers your wallet. HealthConsent covers your health records.

Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.

Protect my health data

Cancel anytime · Family plan covers spouses + dependents

About this page

This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.