Active breach tracker Burlington, Washington Disclosed July 25, 2025

Northwest Denture Center Data Breach 2025: 19,419 Patients Exposed in May Network Intrusion · Class Action Filed in Snohomish County

Northwest Denture Center, Inc., a Burlington, Washington denture practice, detected unauthorized access to its network on May 28, 2025. A file review completed June 27, 2025 determined that names, Social Security numbers, driver's license numbers, dates of birth, and medical information for 19,419 individuals (12,209 of them Washington residents) were exposed. The incident was reported to HHS OCR on July 25, 2025, and a putative class action was filed in Snohomish County Superior Court.

You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.

By HealthConsent Editorial Last updated Sources & methodology

Timeline

May 27, 2025

Unauthorized access to Northwest Denture Center's network occurs

May 28, 2025

Suspicious activity detected on the network; investigation begins

Jun 27, 2025

File review completed; scope of compromised records determined

Jul 25, 2025

HIPAA breach notification filed with HHS Office for Civil Rights (19,419 affected)

Jul 25, 2025

Notice filed with the Washington State Attorney General (12,209 WA residents)

Jul 30, 2025

Plaintiff-side firms publicly open class-action investigations

Aug 18, 2025

Public reporting and substitute-notice coverage of the breach

Sep 15, 2025

Putative class action filed in Snohomish County Superior Court (Osborne v. Northwest Denture Center, No. 25-2-08604-31)

Data exposed

01

High-risk identity

Enables financial + identity theft

Social Security numbers Washington driver's license or state ID card numbers

03

Contact & insurance

Phishing + targeted scams

Names Addresses Full dates of birth Patient ID numbers Medical information

Class actions filed by

These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.

Strauss Borrelli PLLC Barnow and Associates, P.C. Milberg Coleman Bryson Phillips Grossman PLLC
If you received a letter

Your action plan, in five steps.

You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.

01

Accept credit monitoring

It’s the floor of the response. Take it.

02

Freeze your credit

Free at Equifax, Experian, TransUnion.

03

File IRS Form 14039

Prevent fraudulent tax return under your SSN.

04

Review your EOBs

Insurance statements catch medical identity theft early.

05

Stop the ongoing flow

Credit monitoring doesn’t cover your health records. HealthConsent does.

Jump to step 5: protect my health data

Northwest Denture Center, Inc., a denture and dental practice headquartered in Burlington, Washington with offices including a Bellingham clinic, confirmed that an unauthorized actor accessed its network on May 27, 2025. Suspicious activity was detected the following day, and a file review concluded on June 27, 2025 that personal, identity, and medical information for 19,419 individuals, including 12,209 Washington residents, had been exposed. The incident was reported to the U.S. Department of Health and Human Services Office for Civil Rights and to the Washington State Attorney General on July 25, 2025. A putative class action, Osborne v. Northwest Denture Center, was subsequently filed in Snohomish County Superior Court.

The substitute notice published by Northwest Denture Center also disclosed that certain patient records from the Bellingham office were deleted during the intrusion and could not be recovered, indicating destructive activity in addition to data exfiltration. Northwest Denture Center has not publicly identified the threat actor or confirmed whether ransomware was deployed.

Timeline

  • May 27, 2025 — Unauthorized access to Northwest Denture Center’s network occurs.
  • May 28, 2025 — Suspicious network activity is detected; the practice begins its investigation and engages outside experts.
  • June 27, 2025 — Review of the compromised files is completed; the affected-individual count is established.
  • July 25, 2025 — HIPAA breach notification filed with HHS OCR (19,419 affected, “Hacking/IT Incident” at Network Server). Notice also filed with the Washington State Attorney General reporting 12,209 Washington residents.
  • July 30, 2025 — Plaintiff-side law firms publicly announce class-action investigations.
  • August 18, 2025 — Public reporting and substitute-notice coverage describes the scope and exposed data.
  • September 15, 2025 — Putative class action Osborne v. Northwest Denture Center, Case No. 25-2-08604-31, filed in Snohomish County Superior Court.

What was exposed

According to the substitute notice and Washington Attorney General filing, the data elements involved vary by individual but include:

  • Name, address, and full date of birth
  • Social Security number
  • Washington driver’s license number or state ID card number
  • Patient ID number
  • Medical information (treatment-related records)

The notice indicates that certain Bellingham-office patient records were destroyed during the incident and could not be restored. The unauthorized-access method has not been publicly disclosed, and no ransomware group has claimed responsibility on any tracked leak site.

What the entity is offering

Northwest Denture Center is providing 12 months of complimentary credit monitoring and identity theft protection services through TransUnion to notified individuals. The enrollment instructions and access code are included in the individual notification letter, and affected individuals must enroll within 90 days of receiving the notice.

The notice also includes general guidance on placing fraud alerts and security freezes with the three nationwide credit reporting agencies, and on reviewing account statements and Explanation of Benefits records for suspicious activity.

Class-action and regulatory posture

The first known class action arising from the incident, Osborne v. Northwest Denture Center, Case No. 25-2-08604-31, was filed in the Snohomish County Superior Court in Washington. Multiple plaintiff-side firms, including Strauss Borrelli PLLC, Barnow and Associates, P.C., and Milberg Coleman Bryson Phillips Grossman PLLC, opened public investigations beginning in late July 2025. Allegations focus on inadequate data-security practices and failure to protect sensitive patient information.

The HHS OCR portal entry remains open. No federal settlement, consent order, or civil monetary penalty has been publicly announced.

What to do if you may be affected

  • Enroll in the offered credit monitoring if you received a notice with a TransUnion activation code. The 90-day enrollment window is short and the activation code is single-use.
  • Freeze your credit with Equifax, Experian, and TransUnion. Because Social Security numbers and Washington state ID data were exposed, a security freeze is materially more protective than monitoring alone. It is free and reversible.
  • Request a copy of your dental and medical record if you had treatment at the Bellingham office. The notice confirms some patient records were destroyed; documenting your treatment history with your insurer and any subsequent provider protects continuity of care.
  • Watch for medical identity theft. Review every Explanation of Benefits from your dental or medical insurer and flag any services you did not receive.
  • Preserve your notice letter if you intend to participate in the Snohomish County class action or any consolidated proceeding. The letter is the simplest proof of class membership.
  • Be alert to targeted phishing. Threat actors with name, address, date of birth, and dental-treatment context can craft highly convincing follow-on lures referencing your Northwest Denture Center visits.

Sources

Stop your data from spreading further

Credit monitoring covers your wallet. HealthConsent covers your health records.

Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.

Protect my health data

Cancel anytime · Family plan covers spouses + dependents

About this page

This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.