Rocky Mountain Associated Physicians
Data Breach Class Action Lawsuit

Posted: April 13, 2026 -- Rocky Mountain Associated Physicians data breach class action lawsuit investigation.

Abington Cole + Ellery is investigating the data breach recently announced by Rocky Mountain Associated Physicians and may be filing a class action lawsuit on behalf of victims.

Rocky Mountain Associated Physicians Data Breach Summary:

In mid-April of 2026, Rocky Mountain Associated Physicians, PC, disclosed a security incident involving unauthorized access to sensitive data, which took place on or around no earlier than October 30, 2025. Approximately 50,000 individuals were affected by the Rocky Mountain Associated Physicians data breach, and breached data may include, but is not necessarily limited to: individuals’ names, dates of birth, Social Security numbers, addresses, contact information, medical record numbers, diagnosis and treatment information, insurance information, and financial information (e.g., credit or debit card numbers and PIN numbers). As a result of the data breach, Rocky Mountain Associated Physicians is offering 12 months of free credit monitoring and/or identity theft protection services to some affected individuals.

FREE CONSULTATION: If you are a victim of the Rocky Mountain Associated Physicians data breach, and interested in potentially volunteering to serve as a class representative in a class action lawsuit against Rocky Mountain Associated Physicians, please submit your information here to be considered:

An attorney-client relationship is not formed by submitting information through this website.

Rocky Mountain Associated Physicians Data Breach Details:

Rocky Mountain Associated Physicians recently announced that it experienced a data security incident involving unauthorized access to parts of its systems. According to the notice, a sophisticated cyber actor appears to have entered certain databases at an unknown time, but not before October 30, 2025. The practice said it confirmed on February 2, 2026, that some patient information may have been exposed, and it publicly posted its notice in April of 2026.

The incident appears to have involved Rocky Mountain’s patient database and other data files. The organization said the information that may have been affected included personal details such as names, dates of birth, Social Security numbers, addresses, and contact information, as well as medical record numbers, diagnosis and treatment details, insurance information, and some financial information, including payment card numbers and PINs. It also noted that not every person was affected in the same way, meaning the exact mix of exposed data could differ from one individual to another.

In response, Rocky Mountain said it moved to secure its systems, hired an outside forensic firm, and notified law enforcement. It also reported the matter to the U.S. Department of Health and Human Services Office for Civil Rights and the Internet Crime Complaint Center, while continuing to add safeguards meant to reduce the chance of another attack. For affected individuals, the practice is offering 12 months of complimentary credit monitoring and identity restoration services through Experian, and it advises patients to watch their accounts and credit reports closely, report suspicious activity, and consider fraud alerts or credit freezes.

About Rocky Mountain Associated Physicians:

Rocky Mountain Associated Physicians, P.C. is a medical practice in Salt Lake City. It was established in 1979. The group specializes in bariatric surgery and medical weight loss. Board-certified surgeons perform laparoscopic procedures that include vertical sleeve gastrectomy, Roux-en-Y gastric bypass, and duodenal switch. They also provide medical treatments with GLP-1 medications along with nutritional counseling.

Additional Information:

Rocky Mountain Associated Physicians Data Security Incident Notice

Rocky Mountain Associated Physicians Website

For more information about steps you can take to possibly reduce the chances harm arising from a data breach, please review the following article: What are some steps you can take if you've been the victim of a data breach?

If you believe you are a victim of the Rocky Mountain Associated Physicians data breach, and if you would like to volunteer to serve as a class representative in a class action lawsuit regarding this data breach, please submit your information via the form on this webpage. This website is not associated with nor authorized by Rocky Mountain Associated Physicians or any affiliated companies. If you have received any other data breach notifications, you may to review Abington Cole + Ellery's current list of data breach investigations.