WIRX Pharmacy in Pennsylvania has experienced a security incident that exposed the protected health information of more than 20,000 current and former patients. Emanuel Medical Center in California has started notifying patients about a May 2025 cyberattack that exposed patient data.
WIRX Pharmacy, Pennsylvania
WIRX Pharmacy in Fort Washington, Pennsylvania, has notified 20,104 individuals about a December 2025 cybersecurity incident that may have resulted in unauthorized access and/or theft of protected health information. Suspicious activity was identified within its network environment on or around December 7, 2025. Systems were secured, and an investigation was launched, which confirmed unauthorized access to certain data on its systems between December 6, 2025, and December 7, 2025.
A review of the exposed files confirmed that personal and protected health information were present in files on the compromised parts of its network. The affected data varies from individual to individual and may include names in combination with one or more of the following: clinical information (diagnosis/conditions, medications, and other treatment information), demographic information (Social Security number, address, date of birth, and other identifiers), and financial account or claims information.
WIRX Pharmacy said it is reviewing its security policies and procedures and will take steps to harden security to prevent similar incidents in the future. The affected individuals have been advised to remain vigilant against identity theft and fraud by monitoring their financial accounts and free credit reports.
Emanuel Medical Center, California
Emanuel Medical Center, a 209-bed acute care hospital located in Turlock, California, has started notifying current and former patients about a May 2025 security incident. Suspicious network activity was identified on May 22, 2025, and third-party cybersecurity experts were engaged to investigate the activity. They confirmed unauthorized access to its network between May 21 and May 24, 2025, and that files containing personal and protected health information were present on the affected systems…