St. Marys NDS Data Breach Exposes Social Security Numbers

Published
March 3, 2025
Updated
April 14, 2025
St. Marys NDS Data Breach Exposes Social Security Numbers
St. Marys NDS
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

St. Marys NDS

data breach?

Join the Lawsuit

It's free to join. 

On February 7, 2025, St. Marys NDS, LLC disclosed a data breach affecting sensitive personal and protected health information of consumers. According to official disclosures made to various state attorney generals, the breach involved unauthorized access to sensitive data, potentially exposing the personal information of 11,715 Americans.

The breach was first reported to the Texas Attorney General's office on February 7, 2025, affecting approximately 718 Texas residents. Subsequently, disclosures were made to the Massachusetts Attorney General's office and the New Hampshire Attorney General's office on April 7, 2025, affecting 11 residents in Massachusetts. You can view the official disclosure on the Texas Attorney General's website, the Massachusetts Attorney General's website, and the New Hampshire Attorney General's website.

The types of information exposed in this breach included personally identifiable information (PII) and protected health information (PHI). Specifically, the compromised data includes date of birth, Social Security numbers (PII), prescription numbers, prescription information, and dates of service (PHI). The exact method of how this data was accessed or stolen has not been publicly detailed at this time. However, St. Marys NDS, LLC indicated that they engaged a forensic investigation firm immediately upon discovery of the breach to determine the scope and impact of the incident.

St. Marys' response

To assist affected individuals, the company is offering complimentary credit monitoring, credit reporting, and credit score services for 24 months through Cyberscout, a TransUnion company specializing in fraud assistance and remediation services. Affected consumers must enroll within 90 days from receipt of their notification letter. Enrollment can be completed online at Cyberscout's activation page.

Consumers who may have been impacted are encouraged to remain vigilant, regularly review their financial statements, and monitor their credit reports for any suspicious or unauthorized activity. Additionally, consumers may consider placing a fraud alert or security freeze on their credit files as precautionary measures.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Affected Entity
St. Marys NDS
Consumers Notification date
Date of Breach
Breach Discovered Date
Total People Affected
11715
Information Types Exposed
  • Date of Birth
  • Rx Number
  • Rx Information
  • Date of Service
  • Social Security Number
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image