The Plastic Surgery Center reports data breach affecting patient information

The Plastic Surgery Center (TPSC), a cosmetic surgery provider with over 20 locations across New Jersey, New York, and Pennsylvania, is reporting a data breach that exposed patient information through its contracted billing company's network.

On November 4, 2024 TPSC's contracted billing company detected suspicious activity within its network and initiated an investigation. It was confirmed that systems were accessed by an unknown actor, with certain files being accessed and/or exfiltrated. On April 4, 2025 TPSC completed its detailed review of the affected systems to determine what information was involved. Exposed data includes:

• Names
• Dates of birth
• Driver's license and/or passport numbers
• Social Security numbers
• Taxpayer IDs
• Financial account and payment card information
• Biometric data
• Medical and health insurance information

The number of affected individuals is not disclosed. The Plastic Surgery Center clarified that the incident did not impact any patient photographs related to services received.

On April 18, 2025 TPSC started sending notification letters to affected individuals. TPSC is offering affected individuals free access to credit monitoring and identity restoration services for 12 or 24 months.