.png)
Twin Cities Pain Clinic Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Twin Cities Pain Clinic data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About Twin Cities Pain Clinic
Twin Cities Pain Clinic is a Minnesota-based medical practice that has focused on pain management. Founded in 2003, the clinic has expanded from a solo operation to multiple locations, including Edina, Woodbury and Maple Grove. In 2016, the clinic opened the Twin Cities Surgery Center, an ambulatory surgery center for advanced pain procedures.
The clinic offers a wide range of services for chronic pain, including patient evaluation, diagnosis, conservative therapies, and advanced treatments like spinal cord stimulation. Their team includes physicians, nurse practitioners, physician assistants, physical therapists and psychologists, all specializing in chronic pain care.
What happened?
On or around July 9, 2025, Twin Cities Pain Clinic discovered suspicious activity in an employee’s email account. On July 31, 2025, it was confirmed that that an unauthorized actor had gained access to the mailbox and files stored in SharePoint.
By Aug. 18, 2025, the clinic determined that personal and protected health information belonging to patients may have been compromised in the data breach. Twin Cities Pain Clinic began mailing official notification to impacted individuals on Sept. 4, 2025.
Information Exposed
- Name
- Address
- Phone number
- Email address
- Date of birth
- Social Security number
- Financial account information
- Health insurance information
- Medical record number
- Treatment notes
- Provider information
The breach was disclosed to the to the Massachusetts Attorney General’s office on Sept. 4, 2025. The total number of affected individuals has not been released, but is believed to include patients from all of the clinic's locations.
Your Rights and Next Steps
If you received a data breach notification from Twin Cities Pain Clinic, you have important rights and options. You may be entitled to seek compensation for any harm or inconvenience caused by this cybersecurity incident.
- Credit monitoring services: Enroll in the 24 months of free TransUnion Cyberscout single-bureau credit monitoring services.
- Monitor your accounts carefully: Check your financial statements regularly for suspicious activity or unauthorized transactions. If you notice anything unusual, contact your financial institution immediately.
- Fraud alert and credit reports: A fraud alert informs creditors to take extra steps to verify your identity before opening new accounts in your name. Consumers are also entitled to one free credit report annually from each credit bureau. You can request a fraud alert or a credit report by contacting any one of the three major credit bureaus.
- Seek legal help: Lawyers are ready to help you understand your rights and pursue compensation.
Lawyers are ready to help individuals who have been affected by this breach understand their rights and explore potential legal remedies.
You May Be Entitled to Compensation
If your personal information was exposed in the Twin Cities Pain Clinic data breach, you may be entitled to compensation, which could include reimbursement for out-of-pocket expenses, time spent addressing the breach, or payment for emotional distress. Lawyers are investigating potential claims on behalf of affected individuals.
Completing the form below is the first step toward joining a lawsuit and pursuing monetary damages.
.svg)