Postmeds Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Postmeds, Inc., which does business as Truepill, regarding its recent data breach. The Truepill data breach involved sensitive protected health information belonging to an undetermined number of individuals.


Truepill is a software company specializing in developing software for pharmacies and healthcare organizations. Founded in 2016, Truepill offers products such as open application programming interface and virtual pharmacy software to help its healthcare partners connect to patients online. Additionally, Truepill operates a nationwide network of mail order pharmacies, dispensing and shipping medications to all 50 states. Headquartered in San Mateo, California, Truepill has one location and employs more than 500 individuals.


On August 31, 2023, Truepill discovered that it had experienced a data breach in which the sensitive protected health information in its systems may have been accessed. Through its investigation, Truepill determined that an unauthorized actor may have accessed this sensitive information between August 30 and September 1, 2023. Recently, Truepill began contacting individuals whose information may have been impacted. The type of information exposed includes:

  • Name
  • Medication type
  • Demographic information
  • Prescribing physician name

If you received a breach notification letter from Postmeds, Inc. d/b/a Truepill:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or

If you were impacted by the Truepill data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by Postmeds, Inc. d/b/a Truepill;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: