Creative Smiles Pediatric Dentistry Listed by CRPxO Ransomware Group
Sector: Pediatric Dentistry | Data leaked: 2.5 GB
On July 9, 2026, Creative Smiles Pediatric Dentistry appeared on the leak site of the CRPxO ransomware group after attackers exfiltrated 2.5 GB of internal files during a ransomware incident. Families who trusted the pediatric dental practice with their children’s names, dates of birth, medical histories, addresses, and guardian contact details now face the possibility that this information has been stolen and published.
Confirmed Facts from Reporting
Public reporting indicates the dental practice was listed on the CRPxO ransomware leak site with a sample of the stolen data. The exposed volume totals 2.5 GB of internal files. No exact patient count has been confirmed, but pediatric dental records typically include names, birth dates, Social Security numbers in some cases, parent contact information, insurance details, and clinical notes. The listing appeared on an onion address tracked by ransomware.live. Available reporting describes the data as exfiltrated rather than simply encrypted, consistent with double-extortion tactics.
Why This Matters for You and Your Family
When a children’s dental provider is breached, the information exposed is highly personal and long-lived. Names paired with dates of birth and parent phone numbers become building blocks for identity theft, fraudulent accounts, and targeted scams against your family. Medical details can be abused for insurance fraud or phishing that sounds legitimate because it references real treatments. Children’s records are especially valuable to criminals because minors’ data often goes unmonitored for years, allowing fraud to grow undetected until the child reaches adulthood.
The Doxxing and Identity-Chain Implications
Credential leaks and internal files from healthcare providers frequently cascade into doxxing chains. An email or phone number taken from one breach can be matched with gaming usernames, social media handles, or school information to build a complete profile. Once attackers link a child’s name and birth date to an online handle, they can target gaming accounts for takeover, harassment, or further extortion. This incident adds another node to that chain. Public reporting indicates that records like these have been used in the past to locate families, impersonate parents, or pressure victims by threatening to release sensitive pediatric health information.
CRPxO’s Publicly Known Track Record
Public reporting attributes CRPxO with emerging in late 2024 as a ransomware operation that combines encryption with data theft and public shaming. The group has listed healthcare providers, small medical practices, and professional service firms among its victims. Its typical playbook involves initial access through phishing or exploited remote desktop credentials, followed by exfiltration of sensitive files before deploying ransomware. The group then demands payment to prevent publication, using leak sites to apply pressure. Exact success rates remain unclear, but public trackers show CRPxO maintains an active leak site and continues to add new victims on a regular basis.
What to do
- Run a DoxxScan to map every link between your family’s emails, phone numbers, children’s names, and online handles across 15.4B+ breach records and 100+ platforms.
- Rotate any passwords used at Creative Smiles Pediatric Dentistry anywhere they have been reused, and switch to 2FA through an authenticator app rather than text messages.
- Enable continuous DoxxScan monitoring so the next breach exposing your family is caught and addressed in hours instead of months.
- Cover the entire household with DoxxScan family protection that extends to dependents and children’s gaming accounts that can be chained back to the same address or parent information.
- Let remediation specialists handle takedown requests for any exposed personal documents or broker listings that surface from this incident.
The incident at Creative Smiles Pediatric Dentistry shows how quickly a single provider breach can ripple into long-term risks for your family’s privacy and online safety. Starting with a clear picture of where your information already appears online puts you in control. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping that connects handles to real identities, and hands-on remediation by specialists who manage takedowns for you and your household, including children’s gaming accounts vulnerable to credential-based takeovers.
Related breaches
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →