HIPAA-covered healthcare entity, NS Support LLC, based in Boise, Idaho specializes in neurosurgical procedures for issues like brain tumors. On November 21, 2025, it announced a hacking incident and data breach to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) that impacted approximately 92,845 individuals.
NS Support discovered the unauthorized access to its computer system on or about May 29, 2025. Third-party digital forensics professionals investigated the incident and secured its network. According to the investigation, the incident involved unauthorized network access and theft of files. After a comprehensive analysis of the compromised files, NS Support confirmed on November 7, 2025 that the incident impacted patients’ protected health information (PHI).
The breached data included full names and health data, such as transcribed notes that from consultations with a doctor. Social Security numbers and financial data were not affected by the breach. NS Support did not receive reports of any misuse of the breached information. The provider mailed notification letters to the impacted persons on or about November 21, 2025.
NS Support stated several actions were undertaken as a result of the security incident. Upon confirmation of the unauthorized network access, the impacted systems were deleted and rebuilt, with more security options put in place to avoid the same incidents down the road. Data security guidelines and procedures are under review and will be improved as necessary to reinforce security. NS Support is also reviewing the network security application.
Because of the nature of the breached information, NS Support did not offer credit monitoring and identity theft protection services. Though there are no reports on the potential misuse of patient information, NS Support still provided information on what they can do should they be worried regarding possible misuse of their personal data.
Image credit: Varith, AdobeStock
