St. Clair Orthopaedics & Sports Medicine, a healthcare provider based in Michigan, recently reported a data breach affecting approximately 340,000 individuals. The breach was first identified on November 24, 2024, when suspicious activity was detected within its network. This prompted St. Clair to initiate an investigation to determine the cause and scope of the breach. The healthcare provider is known for specializing in sports medicine, joint reconstruction, and various other medical services across its locations in St. Clair Shores and Macomb, Michigan.
During its investigation, St. Clair confirmed that an unauthorized third party had potentially accessed sensitive personal identifiable information (PII) and protected health information (PHI).
The compromised data includes names, social security numbers, health insurance information, addresses, phone numbers, dates of birth, and driver’s license numbers. Additionally, information regarding health insurance plans, including Medicaid and Medicare identifiers, was also potentially exposed. St. Clair has completed its review of the impacted data and has taken steps to inform affected individuals.
In response to the breach, St. Clair has posted a public notice on its website and plans to directly notify those impacted.
The provider is also offering a detailed list of the types of sensitive data that were compromised and providing complimentary credit monitoring services to affected individuals. This breach highlights the vulnerability of healthcare systems and the sensitive nature of the data they manage. St. Clair has assured affected individuals that it is taking necessary measures to enhance the security of its systems moving forward.
St. Clair employs over 20 staff members across its two locations and continues to offer a wide range of services, including diagnostic imaging, physical therapy, and immediate care. The breach serves as a reminder of the increasing cyber risks faced by healthcare providers, underscoring the importance of robust data protection strategies to safeguard personal and health information.
Reference:
