Some of the computer systems of PracticeMax experienced technical issues after its computer network aware attacked by a ransomware. The attack compromised the personal information of 165,698 individuals including names, addresses, Social Security numbers, dates of birth, treatment and diagnosis information, financial information, medical information and others.

The California Office of the Attorney General disclosed a ransomware attack targeting PracticeMax Inc. between April 17, 2021, and May 5, 2021, resulting in a confirmed data breach. The incident exposed personal information, including Social Security Numbers (SSNs), though the exact number of affected individuals remains undisclosed. Ransomware attacks of this nature typically involve unauthorized encryption of systems followed by demands for payment in exchange for decryption keys, often coupled with threats of data leakage. Given the sensitivity of SSNs—critical identifiers tied to identity theft, financial fraud, and long-term reputational harm—the breach poses severe risks to both the company and the impacted individuals. The attack underscores vulnerabilities in PracticeMax’s cybersecurity defenses, particularly in safeguarding highly regulated personally identifiable information (PII). While the full scope of the fallout (e.g., fraudulent activity, regulatory penalties) is not detailed, the exposure of SSNs alone elevates the incident to a high-severity event with potential legal and operational repercussions.