GPOA Data Breach Exposes Personal and Health Information of Nearly 57,000 Individuals
On February 26, 2026, Greater Pittsburgh Orthopedic Associates (GPOA), a Pennsylvania-based orthopedic medicine provider, disclosed a cybersecurity incident that compromised the sensitive data of approximately 57,000 individuals. The breach involved unauthorized access to GPOA’s network, potentially exposing personally identifiable information (PII) and protected health information (PHI), including names, Social Security numbers, mailing addresses, and provider details.
The law firm Lynch Carpenter, LLP, has launched an investigation into potential claims against GPOA related to the incident. The firm, which specializes in data privacy litigation, is reviewing cases for affected individuals who may be eligible for compensation.
GPOA has not yet provided further details on the timeline of the breach or the methods used by the unauthorized party. The incident underscores the ongoing risks to healthcare providers handling sensitive patient data.
Greater Pittsburgh Orthopaedic Associates (GPOA) cybersecurity rating report: https://www.rankiteo.com/company/greater-pittsburgh-orthopaedic-associates-gpoa
"id": "GRE1772129276",
"linkid": "greater-pittsburgh-orthopaedic-associates-gpoa",
"type": "Breach",
"date": "2/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '57000',
'industry': 'Healthcare',
'location': 'Pennsylvania, USA',
'name': 'Greater Pittsburgh Orthopedic Associates '
'(GPOA)',
'type': 'Healthcare Provider'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'number_of_records_exposed': '57000',
'personally_identifiable_information': ['Names',
'Social Security '
'numbers',
'Mailing addresses',
'Provider details'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally identifiable '
'information (PII)',
'Protected health information '
'(PHI)']},
'date_publicly_disclosed': '2026-02-26',
'description': 'On February 26, 2026, Greater Pittsburgh Orthopedic '
'Associates (GPOA), a Pennsylvania-based orthopedic medicine '
'provider, disclosed a cybersecurity incident that compromised '
'the sensitive data of approximately 57,000 individuals. The '
'breach involved unauthorized access to GPOA’s network, '
'potentially exposing personally identifiable information '
'(PII) and protected health information (PHI), including '
'names, Social Security numbers, mailing addresses, and '
'provider details.',
'impact': {'data_compromised': 'Personally identifiable information (PII) and '
'protected health information (PHI)',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential claims under investigation',
'systems_affected': 'GPOA’s network'},
'investigation_status': 'Ongoing',
'references': [{'source': 'Lynch Carpenter, LLP'}],
'regulatory_compliance': {'legal_actions': 'Potential claims under '
'investigation by Lynch Carpenter, '
'LLP'},
'response': {'third_party_assistance': 'Lynch Carpenter, LLP (investigation)'},
'title': 'GPOA Data Breach Exposes Personal and Health Information of Nearly '
'57,000 Individuals',
'type': 'Data Breach'}