Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.
Class Action U Logo
Check Your Eligibility

Western Orthopaedics Data Breach

Western Orthopaedics disclosed a data breach affecting personal and health information, including Social Security numbers, medical records, and financial data. Patients are offered free credit monitoring and identity protection services for a limited time.

Check Your Eligibility
Western Orthopaedics
Date of Breach: October 2, 2025
CAU logo

Who was affected:

Clients of Western Orthopaedics

Impacted Data:

Full name

Address

Phone number

Social Security number

Date of birth

Check Your Eligibility

Western Orthopaedics, P.C. has announced a data breach that exposed sensitive personal and medical information of patients. The breach, which was discovered in October 2025, involved unauthorized access to the clinic’s network and affected a number of individuals between September 17 and September 25, 2025.

Western Orthopaedics Data Breach Investigation

Western Orthopaedics, P.C. (“Western Ortho”) has confirmed that a security incident occurred involving unauthorized access to its network. The breach was first identified on October 2, 2025, prompting immediate action to investigate, contain, and remediate the incident. The company enlisted the help of its contracted cybersecurity team and external experts to assess the scope of the breach.

The investigation revealed that between September 17, 2025, and September 25, 2025, an unauthorized third party accessed and/or acquired sensitive data contained within Western Orthopaedics’ network. While the clinic’s investigation was ongoing, it was not until March 3, 2026 that the company confirmed that certain individuals’ personal information, including protected health information, had been exposed.

Western Orthopaedics conducted a thorough analysis to determine the specific data that was affected. The affected data includes personal information such as names, addresses, Social Security numbers, and dates of birth, as well as medical information such as health insurance details, provider names, dates of service, and medical billing information. In addition to this, financial account information, including credit or debit card numbers, may have been exposed. It is important to note that not all data elements were exposed for every individual, and the full scope of the breach is still under review.

While there is no evidence indicating that any of the exposed information has been misused, the nature of the breach—including the exposure of personal, financial, and medical information—raises significant concerns about the potential for identity theft, medical fraud, and other malicious activities.

In response to the breach, Western Orthopaedics has taken immediate steps to secure its systems and protect the privacy of its patients. This includes enhancing security measures to prevent future breaches and notifying law enforcement. To support those affected, the clinic is offering complimentary credit monitoring and identity protection services through Epiq for a period of <<CM Duration>> months. These services are designed to help individuals monitor their personal data, detect fraud, and restore their identity if necessary.

When Did This Breach Occur?

The breach occurred between September 17, 2025, and September 25, 2025. Western Orthopaedics discovered the breach on October 2, 2025 and completed its investigation by March 3, 2026. Notification to affected individuals began on April 29, 2026.

What Information Was Breached?

The potentially exposed information includes:

  • Full name
  • Address
  • Phone number
  • Social Security number
  • Date of birth
  • Financial account information (credit/debit card numbers)
  • Health insurance information
  • Health insurance plan or subscriber ID number
  • Medical provider name
  • Medical dates of service
  • Medical cost or billing information

Please note that not all data elements were affected for every individual.

What You Can Do

If you have been affected by the Western Orthopaedics data breach, it is crucial to take steps to protect your personal information. First, enroll in the free credit monitoring and identity protection services provided by Epiq. These services will help you monitor your credit and detect any suspicious activity. The service includes credit monitoring, identity theft restoration, and fraud consultation.

In addition to enrolling in the provided services, you should take the following precautions:

  1. Monitor Your Accounts: Regularly review your account statements, Explanation of Benefits (EOB) statements, and credit reports for any unauthorized activity. You can request a free credit report from the three major credit bureaus once per year by visiting www.annualcreditreport.com or calling 1-877-322-8228.
  2. Place a Fraud Alert or Credit Freeze: Consider contacting the major credit reporting agencies to place a fraud alert or credit freeze on your credit file. This will help prevent new accounts from being opened in your name.
  3. Be Aware of Phishing Attempts: Be cautious of emails or phone calls that ask for personal information. Phishing attempts may occur as a result of the data breach, so always verify the source before providing any sensitive information.
  4. Notify Financial Institutions: If you discover any suspicious activity, immediately notify your financial institution or the company that manages your accounts.
  5. Report Identity Theft: If you suspect that your identity has been stolen, report the incident to law enforcement, the Federal Trade Commission (FTC), and the state Attorney General.

By taking these steps, you can reduce the risk of fraud and identity theft and better protect your personal information.

File a Data Breach Lawsuit Against Western Orthopaedics

If your personal information was affected by the Western Orthopaedics data breach, you may have the right to pursue legal action. Data breach lawsuits can help individuals recover damages for the emotional distress, financial harm, and time spent dealing with the consequences of the breach.

Class action lawsuits allow affected individuals to come together and collectively seek compensation from organizations that fail to adequately protect personal data. If you were affected by this incident, you may be eligible to join a class action lawsuit and hold Western Orthopaedics accountable for its role in the breach.

To explore your legal options, contact a lawyer who specializes in data breach cases. Taking legal action not only helps you seek justice but also contributes to greater accountability for companies that fail to safeguard sensitive information.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.

VIEW PDF
Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Bloomsbury Publishing Data Breach
Date of Breach: April 2, 2026
D’Ambrosio Dodge Data Breach
Date of Breach: November 24, 2025
Millborn Seeds Data Breach
Date of Breach: January 28, 2026
Show More

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.