SI-Bone, Inc., a medical device company specializing in minimally invasive treatments for sacropelvic conditions (notably SI joint pain), experienced a data breach discovered on October 1, 2025. The incident exposed highly sensitive personal and medical information, including names, Social Security numbers, driver’s license numbers, addresses, medical records, health insurance details, and other confidential data. The breach was reported to the Texas Attorney General, suggesting a multi-state impact. A law firm, Edelson Lechtzin LLP, is investigating a potential class-action lawsuit on behalf of affected individuals, citing risks of identity theft, fraud, and unauthorized use of compromised data. The exposure of such critical information poses severe threats to patient privacy, financial security, and trust in the company’s data protection measures. Victims are advised to monitor financial accounts and credit reports for suspicious activity, indicating the breach’s potential for long-term harm.
TPRM report: https://www.rankiteo.com/company/si-bone
"id": "si-0192701100325",
"linkid": "si-bone",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare / Medical Devices',
'location': 'Santa Clara, California, USA',
'name': 'SI-BONE, Inc.',
'type': 'Medical Device Company'}],
'customer_advisories': 'Customers advised to review account statements and '
'monitor credit reports for suspicious activity. '
'Contact Edelson Lechtzin LLP for legal assistance if '
'affected.',
'data_breach': {'data_exfiltration': 'Likely (personal data exposed, but '
'specifics unclear).',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (includes SSNs, medical records, '
'and health insurance data).',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)',
'Financial/Insurance '
'Information']},
'date_detected': '2025-10-01',
'date_publicly_disclosed': '2025-10-03',
'description': 'SI-Bone, Inc. reported a data breach on or about October 1, '
'2025, where personal information such as names, Social '
'Security numbers, driver’s license numbers, addresses, '
'medical information, health insurance information, and other '
'sensitive personal data may have been exposed. The incident '
'was reported to the Attorney General of Texas. Edelson '
'Lechtzin LLP is investigating potential class action lawsuits '
'for affected individuals.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive personal and '
'medical data; class action lawsuit '
'investigation initiated.',
'data_compromised': ['Names',
'Social Security numbers',
'Driver’s license numbers',
'Addresses',
'Medical information',
'Health insurance information',
'Other sensitive personal information'],
'identity_theft_risk': 'High (due to exposure of SSNs, driver’s '
'license numbers, and medical/health '
'insurance data).',
'legal_liabilities': 'Potential class action lawsuit by Edelson '
'Lechtzin LLP for affected individuals.'},
'investigation_status': 'Ongoing (class action investigation by Edelson '
'Lechtzin LLP).',
'recommendations': ['Monitor credit reports and account statements for '
'unauthorized activity.',
'Consider freezing credit to prevent identity theft.',
'Affected individuals may join the class action lawsuit '
'for legal remedies.'],
'references': [{'date_accessed': '2025-10-03',
'source': 'Edelson Lechtzin LLP Press Release',
'url': 'https://www.edelson-law.com'},
{'date_accessed': '2025-10-03', 'source': 'GLOBE NEWSWIRE'}],
'regulatory_compliance': {'legal_actions': 'Class action lawsuit '
'investigation by Edelson Lechtzin '
'LLP.',
'regulations_violated': ['Potential HIPAA '
'violations (due to '
'exposure of PHI)',
'State data breach '
'notification laws (e.g., '
'Texas)'],
'regulatory_notifications': 'Reported to the '
'Attorney General of '
'Texas.'},
'response': {'communication_strategy': 'Public disclosure via press release '
'(2025-10-03); notification to the '
'Attorney General of Texas. Customers '
'advised to monitor credit reports and '
'account statements for suspicious '
'activity.'},
'title': 'SI-Bone Data Breach Incident',
'type': 'Data Breach'}