Strauss Borrelli PLLC, a leading data breach law firm, is investigating Twin Cities Pain Clinic (“TCPC”) regarding its recent data breach. The TCPC data breach involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.
ABOUT TWIN CITIES PAIN CLINIC:
TCPC is a healthcare provider based in Minnesota. Founded in 2003, TCPC offers a full range of chronic pain treatments, from conservative therapies such as medication management, injections, physical therapy and medical cannabis certification to implantable stimulator and intrathecal pump devices.2 Headquartered in Edina, Minnesota, TCPC has multiple locations across Minnesota and employs over 50 individuals.
WHAT HAPPENED?
Recently, TCPC reported to the Attorney General of the Commonwealth of Massachusetts that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been compromised. According to the breach notice, on or around July 9, 2025, TCPC discovered suspicious activity in an employee’s email account.1 As a result, TCPC launched an investigation to determine the nature of the incident.
Through its investigation, on July 31, 2025, TCPC confirmed that sensitive personal information in its email environment and SharePoint may have been accessed by an unauthorized third party during the breach. As a result, TCPC began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Contact information (e.g., mailing address, email address, phone number)
- Financial account information
- Health information (e.g., medical record number, treatment notes, provider information)
- Health insurance information
On September 4, 2025, TCPC began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Massachusetts residents, TCPC is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification that TCPC posted to its website is below.
If you have received a breach notice from Twin Cities Pain Clinic:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
