Nura Clinics Data Breach Affects 5,207 Patients

Nura PLLC, a Minnesota-based pain management clinic, recently reported a data breach impacting at least 5,207 individuals in the United States, according to a disclosure filed with the U.S. Department of Health and Human Services on Nov. 21, 2025.

The incident involved unauthorized access to sensitive patient information, potentially including both personally identifiable information (PII) and protected health information (PHI). While the specific method of intrusion has not been publicly detailed, the breach was severe enough to require notification under federal law.

The types of information exposed in this breach are not yet clear. However, it may include names, addresses, dates of birth, Social Security numbers, medical records, treatment details, and insurance information. This possible combination of PII and PHI can increase the risk of identity theft and medical fraud for those affected.

This article will be updated with additional information about the Nura data breach incident as it becomes available.

Nura's response

In response to the breach, Nura notified the U.S. Department of Health and Human Services. They have not yet released further details of actions taken to identify and respond to the data breach.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Nura or a company that does business with Nura.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.