ERMI Data Breach Exposes Social Security Numbers and Medical Records

Healthcare data breach illustration
Breach Discovery: 14th August 2025Breach Notification: Not Publicly Disclosed

What Happened in the ERMI Data Breach?

ERMI LLC, a Georgia-based manufacturer of medical equipment for orthopedic patients, has confirmed a significant data breach. The company discovered unauthorized access to its systems on or around August 14, 2025. This discovery prompted an immediate response to determine the scope of the intrusion.

Working with third-party cybersecurity experts, ERMI determined that an unauthorized third party had accessed certain systems between February 15, 2025, and August 14, 2025. During this extended window, files containing patient information may have been viewed or acquired. This means the ERMI data breach involved months of potential unauthorized access before it was caught.

After the intrusion was identified, ERMI launched a thorough forensic investigation to understand exactly what data had been affected. An extensive manual review of the compromised files was completed on or around April 17, 2026. As a result of this lengthy review process, the company was able to confirm the specific categories of information involved in the incident.

Who was affected?

The ERMI data breach affected 74,074 patients whose information was stored on the company’s systems. Because ERMI manufactures equipment for orthopedic patients, those impacted likely include individuals who received orthopedic devices or related medical services through providers using ERMI products.

The exact geographic scope of affected patients has not been publicly disclosed. However, since ERMI operates as a medical equipment supplier, the breach could affect patients across multiple states who interacted with healthcare providers using its equipment. There is no indication in current disclosures that minors were specifically targeted, though this has not been ruled out either.

What Information Was Potentially Exposed?

The manual review confirmed that a wide range of sensitive personal and medical information was exposed in this incident. This data was tied to patient names, making it especially useful to identity thieves and fraudsters.

  • Social Security numbers
  • Driver’s license numbers
  • Veteran identification numbers
  • Passport numbers
  • Usernames and passwords
  • Email addresses with passwords and security questions
  • Dates of birth and dates of death
  • Taxpayer/employer identification numbers
  • Financial account information
  • Payment card information
  • Medical information
  • Health insurance information

Given the breadth of this exposure, affected individuals face serious risks. For example, exposed Social Security numbers combined with dates of birth can allow criminals to open new credit accounts, file fraudulent tax returns, or apply for loans in someone else’s name. Because financial account and payment card details were also exposed, victims may see unauthorized charges or new account fraud.

In addition, the exposure of medical and health insurance information raises the risk of medical identity theft. This occurs when someone uses stolen health insurance details to receive medical treatment or submit fraudulent claims. As a result, victims may find inaccurate information in their own medical records, which can complicate future care and insurance coverage.

What is the company doing?

ERMI has notified all affected individuals about the breach and provided guidance on how to reduce the risk of data misuse. In response to the exposure of Social Security numbers, the company is offering complimentary credit monitoring services to those individuals whose SSNs were compromised.

Furthermore, ERMI worked with outside cybersecurity specialists throughout the investigation to ensure a thorough and accurate accounting of the exposed data. This collaborative approach helped the company confirm precisely which data categories were affected before notifying patients, so the guidance given to victims reflects the true scope of the incident.

What Should Affected Individuals Do?

Monitor Your Credit Reports Closely

Affected individuals should request free copies of their credit reports and review them for unfamiliar accounts or inquiries. Because Social Security numbers were exposed, this step is particularly important for anyone notified about the ERMI data breach.

You can obtain free credit reports from each of the three major credit bureaus. Checking these reports regularly over the coming months will help you catch fraudulent activity early, before it causes lasting financial damage.

Consider a Credit Freeze or Fraud Alert

Given that Social Security numbers, driver’s license numbers, and financial account details were exposed, affected individuals should strongly consider placing a credit freeze with each credit bureau. This step prevents new accounts from being opened in your name without your explicit consent.

Alternatively, a fraud alert can be added to your credit file, which requires lenders to verify your identity before extending credit. Either option provides meaningful protection, though a credit freeze generally offers a stronger barrier against identity theft.

Enroll in the Offered Credit Monitoring Services

Since ERMI is offering complimentary credit monitoring to individuals whose Social Security numbers were affected, it’s wise to take advantage of this service. Credit monitoring can alert you quickly if new accounts or inquiries appear under your name.

To enroll, follow the specific instructions included in your breach notification letter. Because enrollment periods are often time-limited, acting promptly ensures you don’t miss this free protection.

Watch for Phishing Attempts and Suspicious Communications

Because email addresses, passwords, and security questions were exposed, affected individuals should be especially cautious about unexpected emails or phone calls. Scammers often use breached information to craft convincing phishing messages that appear legitimate.

As a result, you should avoid clicking links or providing personal details in response to unsolicited messages. Instead, verify any request by contacting the organization directly through a known, trusted phone number or website.

Protect Against Medical Identity Theft

Because medical information and health insurance details were exposed, affected patients should review their medical records and insurance statements for unfamiliar claims or services. This can help catch medical identity theft before it causes lasting harm.

If you notice anything unusual, contact your health insurance provider immediately to dispute the charges. Additionally, consider requesting an accounting of disclosures from your healthcare providers to see whether your information has been misused elsewhere.



Related Data Breaches