Valley Mountain Regional Center Data Breach Impacts Patient Information

a lock over a laptop keyboardShub & Johns LLC is currently investigating Valley Mountain Regional Center (“Valley Mountain” or “VMRC”) for an apparent failure to safeguard sensitive consumer information in a data breach that was detected on or around August 1, 2023. Valley Mountain, a California-based organization providing services for developmental disabilities, discovered that an unauthorized actor gained access to client data within VMRC’s systems. Through further investigation, it was determined that the breach took place on July 29, 2023.

Though the data security breach was discovered in August 2023, the Company did not begin notifying impacted individuals until April 19, 2024. VMRC has not indicated the approximate number of individuals impacted by the breach. Consumer information exposed in the breach may vary but can include names and Social Security numbers.

The cybercriminals responsible for the breach may have already obtained and sold the compromised consumer information. In previous data breaches, victims of data theft have noticed identity theft attempts ranging from fraudulent charges on bank accounts or credit cards, medical and/or government services ordered in their name, or their information being posted on the dark web.

Affected by the Valley Mountain Regional Center Data Breach

Have you recently received a data breach notification from Valley Mountain indicating that your information was impacted? If so, we would like to hear from you. Please complete the contact form on this page or contact us at 610-477-8380 or

Valley Mountain Regional Center Data Breach Intake Form

Have you been affected?
Let us know!