On January 10, 2025, OrthoMinds, LLC discovered it had experienced a significant data breach affecting sensitive consumer information. The breach occurred on two separate occasions, specifically on November 17 and November 27, 2024. During these incidents, unauthorized individuals were able to access and potentially steal confidential consumer data stored in OrthoMinds' systems.
The breach exposed sensitive personal and medical information belonging to affected individuals including names, dates of birth, medical information, health insurance details, payment card information, and Social Security number.
The exact method used by the attackers to gain unauthorized access has not yet been publicly disclosed. However, the scope and sensitivity of the exposed information indicate a serious security incident. In total, at least 24,483 individuals are confirmed to have been affected, including 24,454 people in Texas, 24 people in Massachusetts, and 5 people in Maine.
Following the discovery of the breach, OrthoMinds reported the incident to relevant authorities. On January 24, 2025, the company notified the U.S. Department of Health and Human Services' breach portal.
Additionally, OrthoMinds formally disclosed the breach to several state attorney general offices:
OrthoMinds began notifying affected consumers directly on March 20, 2025, through U.S. mail, postings on the company's website, and notices published in print media. The company has also provided a dedicated webpage with additional information about the breach, which can be found on the OrthoMinds data breach notice page.
If you received a notification from OrthoMinds or believe your information may have been compromised, it is important to take immediate action to protect yourself. Consider monitoring your financial accounts and credit reports closely for suspicious activity. You may also wish to place a fraud alert or credit freeze on your credit files to prevent unauthorized access.