Southern Oregon Neurosurgical and Spine Associates Data Breach

On Dec. 9, 2025, Southern Oregon Neurosurgical & Spine Associates, PC, a Medford-based medical group practice specializing in neurosurgical and spine care, reported a data breach to the U.S. Department of Health and Human Services. So far, the cybersecurity incident has impacted at least 1,000 individuals across the U.S. However, this is an ongoing investigation, and the number of impacted individuals is subject to change.

While the specific details of the data breach have not been made public, the nature of the breach suggests that both personally identifiable information (PII) and protected health information (PHI) may have been exposed, potentially including names, addresses, dates of birth, medical diagnoses, treatment information, insurance details and potentially Social Security numbers or other sensitive identifiers.

The breach may be significant due to the type of information involved. Medical practices like Southern Oregon Neurosurgical & Spine Associates, PC handle highly sensitive health and personal data, making breaches particularly concerning for patients.

This article will be updated with additional information as it becomes available.

Southern Oregon Neurosurgical and Spine Associates' response

In response to the breach, Southern Oregon Neurosurgical & Spine Associates notified federal authorities and is expected to have informed affected patients directly, in line with HIPAA requirements. While specific details about the company’s internal response or the resources offered to affected individuals have not been published, it is common practice for healthcare providers to offer credit monitoring or identity theft protection services following such incidents.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Southern Oregon Neurosurgical and Spine Associates.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.