Interventional Pain Center Breach Exposes Sensitive Personal and Health Information

Interventional Pain Center PLLC, a pain management practice with locations in Hendersonville and Nashville, Tennessee, disclosed a data breach involving an email account that affected 3,171 individuals in the United States.

The breach was disclosed to the U.S. Department of Health and Human Services on March 31, 2026. The company discovered the breach on Dec. 11, 2025, and has since posted a notice on its website informing affected individuals about the incident and the steps they can take to protect their personal and medical information.

What happened in the Interventional Pain Center data breach

An unauthorized individual gained access to an Interventional Pain Center email account. The unauthorized access occurred over a period of about 10 days, between Dec. 1, 2025, and Dec. 11, 2025.

After securing the account, Interventional Pain Center launched an investigation to determine the extent of the incident with the assistance of cybersecurity professionals. On or about March 6, 2026, the company determined that certain personal information was present within the compromised email account.

Following this finding, the company conducted a detailed review of the email account's contents to identify what personal information was involved and which individuals were affected. Interventional Pain Center completed this review on or around March 17, 2026.

Personally identifiable information potentially exposed included names, Social Security numbers, addresses, zip codes, driver's license numbers and dates of birth.

Protected health information that may have been accessible included medical history, diagnoses, conditions, treatment information, prescription information and treating physician details. Health insurance information and subscriber numbers were also potentially compromised.

Interventional Pain Center's response to the breach

Because highly sensitive information was potentially exposed, affected individuals may want to take prompt steps to protect themselves.

Individuals with questions about the incident can contact the company's dedicated phone line at 877-507-2651. The line is available Monday through Friday between 8 a.m. and 5 p.m. Central Time, excluding major U.S. holidays.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze on credit files by contacting Equifax (888-298-0045), Experian (1-888-397-3742) or TransUnion (833-395-6938) to help prevent unauthorized accounts from being opened.
• Request free credit reports at AnnualCreditReport.com or by calling 1-877-322-8228, and review them carefully for any unfamiliar accounts or suspicious activity.
• Review financial account statements regularly for any unauthorized transactions or suspicious charges, as personal details like Social Security numbers and dates of birth can be used to commit financial fraud.
• Monitor health insurance statements for any services, prescriptions or claims that were not authorized, as medical information and health insurance details were potentially exposed in this breach.
• Be cautious of phishing attempts that reference Interventional Pain Center or this data breach by name, as scammers may try to use the incident to trick people into sharing additional personal information.
• File a report with the Federal Trade Commission at identitytheft.gov or by calling 1-877-438-4338 if any signs of identity theft or fraud are discovered.