On January 30, 2025, St. Clair Orthopaedics and Sports Medicine (“SCOSM”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party accessed parts of its IT network. In this notice, SCOSM explains that the incident resulted in an unauthorized party being able to access patients’ sensitive information, which includes their names, Social Security numbers, driver’s license numbers, billing information, health insurance information, and medical information. Upon completing its investigation, St. Clair Orthopaedics and Sports Medicine began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from St. Clair Orthopaedics and Sports Medicine, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the St. Clair Orthopaedics and Sports Medicine data breach. For more information, please see our recent piece on the topic here.
What Caused the St. Clair Orthopaedics and Sports Medicine Data Breach?
The St. Clair Orthopaedics and Sports Medicine data breach was only recently announced, and more information is expected in the near future. However, St. Clair Orthopaedics and Sports Medicine’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. SCOSM also posted a notice on its website discussing the incident in greater detail.
According to these sources, on November 24, 2024, SCOSM detected suspicious activity within its computer network. In response, SCOSM launched an investigation with the help of outside cybersecurity experts. On December 9, 2024, St. Clair Orthopaedics and Sports Medicine’s investigation confirmed that some of the compromised files and folders contained confidential patient information.
After learning that sensitive patient data was accessible to an unauthorized party, St. Clair Orthopaedics and Sports Medicine reviewed the compromised files to determine what information was leaked and which patients were impacted. This process began on December 20, 2024 and concluded on January 29, 2025. While the breached information varies depending on the individual, it may include your name, Social Security number, driver’s license number, billing information, health insurance information, and medical information.
On January 30, 2025, St. Clair Orthopaedics and Sports Medicine sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About St. Clair Orthopaedics and Sports Medicine
St. Clair Orthopaedics and Sports Medicine is a medical practice specializing in orthopedic care, sports medicine, and rehabilitation services. Headquartered in Macomb, Michigan, the practice provides comprehensive treatment for musculoskeletal conditions, including joint replacements, fracture care, spine surgery, and physical therapy. With a team of experienced orthopedic surgeons and specialists, St. Clair Orthopaedics and Sports Medicine focuses on delivering patient-centered care using advanced surgical and non-surgical treatment options. The organization employs approximately 104 people and generates an estimated $19 million in annual revenue.
