American Pain and Wellness, PLLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

American Pain and Wellness, PLLC, a healthcare provider based in Allen, Texas, experienced a data breach that was discovered on or about November 27, 2022. The breach involved sensitive personal identifiable information belonging to over 7,000 individuals. The unauthorized access to the company’s systems was due to a ransomware attack that occurred between November 10 and November 27, 2022. The types of information exposed in the breach include names, Social Security numbers, and addresses.

A class action lawsuit has been filed against American Pain and Wellness, alleging negligence on the part of the healthcare provider. The lawsuit claims that the company failed to implement adequate cybersecurity measures and properly train its employees, which left patients’ private data vulnerable and made the computer networks easy targets for cybercriminals. The complaint also states that the company began sending out notices to data breach victims almost four months after the cyberattack was discovered, delaying the victims’ ability to take early steps to mitigate the harms caused by the exposure of their confidential information

The case, Smith v. American Pain and Wellness, PLLC, was filed on April 5, 2023, and is currently proceeding in the US District Court for the Eastern District of Texas

Breach Submission Date Mar 24, 2023
Converted Entity Name American Pain and Wellness, PLLC
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 7,457
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes