Strauss Borrelli PLLC, a leading data breach law firm, is investigating The Plastic Surgery Center regarding its recent data breach. The Plastic Surgery Center data breach involved sensitive personal information belonging to an undetermined number of individuals.
ABOUT THE PLASTIC SURGERY CENTER:
The Plastic Surgery Center is a plastic surgery practice based in New Jersey. The Plastic Surgery Center offers cosmetic procedures for the face, body, and skin, such as gender affirmative procedures, liposuction, and brow lifts.2 Additionally, The Plastic Surgery Center offers non-surgical procedures like injectables, laser hair removal, vein treatments, and more.2 Headquartered in Shrewsbury, New Jersey, The Plastic Surgery Center holds over 20 locations across New Jersey, Pennsylvania, and New York and employs over 200 individuals.3
WHAT HAPPENED?
Recently, The Plastic Surgery Center reported to the Attorney General of Vermont that the sensitive personal identifiable information in its care may have been accessed. According to the breach notice, The Plastic Surgery Center’s contracted billing company recently detected suspicious activity within its network.1 As a result, The Plastic Surgery Center launched an investigation to determine the nature of the incident.
Through its investigation, The Plastic Surgery Center confirmed that sensitive personal information that The Plastic Surgery Center shared with its billing company may have been viewed and acquired by an unauthorized third party on November 4, 2024. As a result, The Plastic Surgery Center began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. The exact type of personal information potentially exposed has not been made publicly available by The Plastic Surgery Center. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or other government issued ID card numbers (e.g., individual taxpayer ID number, passport number, military ID card number)
- Financial account number of credit or debit card number
- Unique biometric data (e.g., fingerprint, retina or iris image, or other unique biometric representation)
- Genetic information
- Health record or records of a wellness program or similar program of health promotion or disease prevention (e.g., healthcare professional’s medical diagnosis or treatment of the consumer, health insurance policy number)
On April 18, 2025, The Plastic Surgery Center began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Vermont residents, The Plastic Surgery Center is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letters that The Plastic Surgery Center filed with the Attorney General of Vermont is below.
If you received a breach notification letter from The Plastic Surgery Center:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
