NS Support, LLC Data Breach 2025: 92,845 Patients of Boise Neurosurgical Provider Exposed in May Network Intrusion
NS Support, LLC, a Boise, Idaho neurosurgical practice doing business as Neuroscience Associates, detected unauthorized network access on May 29, 2025. A months-long file review concluded on November 7, 2025 that names and transcribed physician-appointment notes for 92,845 patients had been exfiltrated. The entity reported the incident to HHS OCR and began mailing notification letters on November 21, 2025.
You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.
Timeline
May 29, 2025
NS Support detects unauthorized access to its network; third-party digital forensics specialists engaged
Nov 7, 2025
File review concludes that exfiltrated files contained protected health information
Nov 21, 2025
HIPAA breach notification filed with HHS Office for Civil Rights; individual notification letters begin mailing
Dec 3, 2025
Breach notice filed with the Idaho Office of the Attorney General
Dec 17, 2025
Strauss Borrelli PLLC publicly opens consumer investigation
May 29, 2025
NS Support detects unauthorized access to its network; third-party digital forensics specialists engaged
Nov 7, 2025
File review concludes that exfiltrated files contained protected health information
Nov 21, 2025
HIPAA breach notification filed with HHS Office for Civil Rights; individual notification letters begin mailing
Dec 3, 2025
Breach notice filed with the Idaho Office of the Attorney General
Dec 17, 2025
Strauss Borrelli PLLC publicly opens consumer investigation
Data exposed
03
Contact & insurance
Phishing + targeted scams
Class actions filed by
These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.
Your action plan, in five steps.
You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.
01
Accept credit monitoring
It’s the floor of the response. Take it.
02
Freeze your credit
Free at Equifax, Experian, TransUnion.
03
File IRS Form 14039
Prevent fraudulent tax return under your SSN.
04
Review your EOBs
Insurance statements catch medical identity theft early.
05
Stop the ongoing flow
Credit monitoring doesn’t cover your health records. HealthConsent does.
NS Support, LLC, a Boise, Idaho neurosurgical practice that operates as Neuroscience Associates and is affiliated with the Saint Alphonsus Health System network, has confirmed that an unauthorized actor accessed its network on or around May 29, 2025. A months-long forensic review concluded on November 7, 2025 that files exfiltrated during the intrusion contained the protected health information of 92,845 patients. The entity reported the incident to the U.S. Department of Health and Human Services Office for Civil Rights and began mailing individual notification letters on November 21, 2025, with a parallel filing to the Idaho Attorney General on December 3, 2025.
The HHS OCR portal entry classifies the event as a Hacking/IT Incident affecting a network server. The data elements involved were narrow: patient names and transcribed physician-appointment notes. Social Security numbers and financial information were not exposed.
NS Support notified affected individuals beginning November 21, 2025 and filed breach notifications with at least 14 state attorneys general. Beyond the Idaho filing on December 3, 2025, the entity submitted notices to the attorneys general of California, Iowa, Maine, Massachusetts, Montana, Nebraska, New Hampshire, Oregon, Rhode Island, South Carolina, Texas, Vermont, and Washington. The Montana filing, according to the ClaimDepot aggregator, disclosed that 73 Montana residents were included among those affected.
Note on entity confusion: Several plaintiff-firm investigation pages and aggregator sites have misidentified NS Support, LLC as a patient-support program affiliated with “NS Pharma, Inc.” NS Support, LLC d/b/a Neuroscience Associates is a Boise, Idaho neurosurgical practice affiliated with Saint Alphonsus Health System — a distinct entity from the pharmaceutical support company of a similar name.
Timeline
- May 29, 2025 — Unauthorized network access is detected. Third-party digital forensics specialists are engaged to investigate scope and contain the intrusion.
- November 7, 2025 — File review concludes that exfiltrated documents contained patient PHI.
- November 21, 2025 — HIPAA breach notification filed with HHS OCR (92,845 affected). Individual notification letters begin mailing to patients.
- December 3, 2025 — Breach notice filed with the Idaho Office of the Attorney General’s Consumer Protection Division.
- December 17, 2025 — Strauss Borrelli PLLC publicly opens a consumer investigation; Federman & Sherwood and Cafferty Clobes Meriwether & Sprengel separately announce inquiries.
What was exposed
According to NS Support’s notification, the data elements involved were:
- First and last names
- Medical information in the form of notes transcribed during physician appointments
NS Support and corroborating press accounts state that Social Security numbers and financial account information were not involved in the incident, and that NS Support has not identified any misuse of the affected information.
What the entity is offering
Because of the limited scope of the exposed data, NS Support did not offer complimentary credit monitoring or identity-theft protection services to notified patients. The notification letters direct recipients to general protective steps such as placing fraud alerts and reviewing health insurance statements rather than enrolling in a sponsored monitoring program.
On its own remediation, NS Support has stated that affected systems were wiped and rebuilt, additional security controls were implemented, and data security policies and network security software are being reviewed for further hardening.
Class-action posture
As of the last update to this page, no class-action complaint against NS Support, LLC has been identified in the public sources reviewed. Three plaintiff-side firms have publicly opened consumer investigations: Strauss Borrelli PLLC (announced December 17, 2025), Federman & Sherwood, and Cafferty Clobes Meriwether & Sprengel LLP. The federal OCR investigation status is open.
The narrow set of exposed elements (names plus clinical notes, without Social Security or financial identifiers) typically makes statutory-damages class theories harder to plead, but the sensitive nature of neurosurgical and brain-tumor clinical notes is a recognized basis for invasion-of-privacy and emotional-distress claims under Idaho and federal common law. We will update this page if a complaint is filed.
What to do if you may be affected
- Read your notification letter carefully. Because the exposed data is limited to names and clinical notes, the specific contents of the transcribed notes about you are the most consequential question. Your letter should identify whether your records were in the affected file set.
- Request a copy of your medical record from NS Support / Neuroscience Associates. Comparing the record on file to your own recollection helps you anticipate what a third party may now know about your conditions or treatments, which is useful context if you later receive targeted communications.
- Be alert to medical-context phishing and social engineering. A bad actor who has read clinical notes can craft highly convincing follow-on lures (fake patient-portal emails, fake billing calls, fake “follow-up” requests). Treat unexpected outreach referencing your neurosurgical care with skepticism and call NS Support’s office directly using the phone number on its website rather than any number provided in an inbound message.
- Consider a credit freeze anyway. Even though Social Security numbers were not involved here, a freeze with Equifax, Experian, and TransUnion is free and reversible, and it is good baseline hygiene given how many other 2025 healthcare breaches did expose identifiers.
- Watch the regulatory and litigation docket. The OCR investigation remains open and at least three plaintiff firms are investigating. If a class action is filed and you receive notice of class membership, follow the official settlement administrator’s instructions rather than any third-party “claim filing” service.
- Stop the ongoing flow of your neurosurgical data. HealthConsent files HIPAA restriction requests so the clinical notes and appointment records exposed in this breach are not continuously re-shared across health information networks and insurance systems. Start a restriction request at HealthConsent.org.
Continue reading
- Your HIPAA rights — how to restrict and access your medical records
- All tracked healthcare data breaches
Sources
- HHS Office for Civil Rights Breach Portal — federal regulatory record of the November 21, 2025 filing (92,845 affected, Hacking/IT Incident, Network Server).
- HIPAA Journal — PHI of Almost 93,000 Patients Compromised in Cyberattack on NS Support — entity description (Boise neurosurgical provider), timeline, exposed data elements, no credit monitoring offered.
- NetSec.News — Breached PHI of About 93,000 Patients Because of NS Support Cyberattack — independent confirmation of dates, scope, and remediation measures.
- Idaho Office of the Attorney General — Security Breaches register — state-level filing dated December 3, 2025.
- Strauss Borrelli PLLC — NS Support Data Breach Investigation — plaintiff-side investigation, “d/b/a Neuroscience Associates” identification.
- Saint Alphonsus Health System — NS Support, LLC location listing — entity address verification (6140 Curtisian Avenue #400, Boise, ID 83704).
- Federman & Sherwood — NS Support, LLC Data Breach Investigation — second plaintiff-side investigation announcement, December 17, 2025.
- ClaimDepot — NS Support breach aggregator — aggregator listing multi-state AG disclosure list (14 states including Idaho); note that this source misidentifies NS Support as an NS Pharma affiliate, which is incorrect.
Credit monitoring covers your wallet. HealthConsent covers your health records.
Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.
Protect my health dataCancel anytime · Family plan covers spouses + dependents
Sources & further reading
- HHS Office for Civil Rights Breach Portal
- HIPAA Journal — PHI of Almost 93,000 Patients Compromised in Cyberattack on NS Support
- NetSec.News — Breached PHI of About 93,000 Patients Because of NS Support Cyberattack
- Idaho Office of the Attorney General — Security Breaches register
- Strauss Borrelli PLLC — NS Support Data Breach Investigation
- Saint Alphonsus Health System — NS Support, LLC location listing
- ClaimDepot — NS Support breach aggregator (multi-state AG disclosure list)
- Federman & Sherwood — NS Support, LLC Data Breach Investigation page
Official HHS OCR Breach Portal: ocrportal.hhs.gov
About this page
This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.