Cyberattacks Announced by WIRX Pharmacy and Emanuel Medical Center
WIRX Pharmacy in Pennsylvania has experienced a security incident that exposed the protected health information of more than 20,000 current and former patients. Emanuel Medical Center in California has started notifying patients about a May 2025 cyberattack that exposed patient data.
WIRX Pharmacy, Pennsylvania
WIRX Pharmacy in Fort Washington, Pennsylvania, has notified 20,104 individuals about a December 2025 cybersecurity incident that may have resulted in unauthorized access and/or theft of protected health information. Suspicious activity was identified within its network environment on or around December 7, 2025. Systems were secured, and an investigation was launched, which confirmed unauthorized access to certain data on its systems between December 6, 2025, and December 7, 2025.
A review of the exposed files confirmed that personal and protected health information were present in files on the compromised parts of its network. The affected data varies from individual to individual and may include names in combination with one or more of the following: clinical information (diagnosis/conditions, medications, and other treatment information), demographic information (Social Security number, address, date of birth, and other identifiers), and financial account or claims information.
WIRX Pharmacy said it is reviewing its security policies and procedures and will take steps to harden security to prevent similar incidents in the future. The affected individuals have been advised to remain vigilant against identity theft and fraud by monitoring their financial accounts and free credit reports.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The HHS Office for Civil Rights breach portal indicates that the protected health information of 20,047 individuals was potentially compromised in the incident.
Emanuel Medical Center, California
Emanuel Medical Center, a 209-bed acute care hospital located in Turlock, California, has started notifying current and former patients about a May 2025 security incident. Suspicious network activity was identified on May 22, 2025, and third-party cybersecurity experts were engaged to investigate the activity. They confirmed unauthorized access to its network between May 21 and May 24, 2025, and that files containing personal and protected health information were present on the affected systems.
The review of those files has recently been completed, and notification letters started to be mailed to the affected individuals on February 17, 2026. Data compromised in the incident varies from individual to individual and may include names, dates of birth, contact information, government identification numbers (including Social Security numbers and driver’s license numbers), health insurance information, patient identification numbers, dates of service, provider names, diagnoses, treatment information, prescriptions, medical histories, and lab reports.
Third-party cybersecurity experts have evaluated security and assisted with strengthening system security. The affected individuals have been advised to remain vigilant against identity theft and fraud by monitoring their accounts and free credit reports for suspicious activity. The HHS’ Office for Civil Rights breach portal indicates 28,963 individuals have been affected.
