Strauss Borrelli PLLC, a leading data breach law firm, is investigating Black Hills Regional Eye Institute LLP (“BHREI”) regarding its recent data breach. The BHREI data breach involved sensitive personal information and protected health information belonging to an undetermined number of individuals.
ABOUT BLACK HILLS REGIONAL EYE INSTITUTE LLP:
BHREI is an eye care organization based in South Dakote.3 Founded in 2001, BHREI performs eye care diagnosis, treatment, consultation, surgery, research, and education. 3,5 For patients, BHREI offers treatment services for cataracts, LASIK eye surgery, glaucoma, cornea and retina damage and more.2 Headquartered in Rapid City, South Dakota, BHREI employs over 50 individuals.3
WHAT HAPPENED?
Recently, BHREI reported to the Attorney General of Maine that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its care may have been compromised. According to the breach notice, on or around January 8, 2025, BHREI observed suspicious activity within its network environment.1 As a result, BHREI launched an investigation to determine the nature of the incident.
Through its investigation, BHREI confirmed that sensitive personal information in its systems may have been accessed and acquired by an unauthorized third party as early as January 4, 2025. As a result, BHREI began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On July 30, 2025, BHREI completed this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:4
- Name
- Social Security number
- Date of birth
- Driver’s license number
- Credit card information
- Medical record number
- Health information (dates of service, diagnostic treatment, medical history, medical treatment location, medications, provider name, surgical information)
- Insurance information
On August 28, 2025, BHREI began mailing data breach notification letters to impacted individuals. Additionally, on August 29, 2025, BHREI posted notice of the breach on its website. Based on the breach notice shared on its website, BHREI is providing affected individuals with a list of the specific types of sensitive information impacted and 12 months of complimentary credit monitoring services.4 A link to the breach notice that BHREI shared on its website is below.
If you received a breach notification letter from Black Hills Regional Eye Institute LLP:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
