Security News

Cybersecurity news aggregator

LOW News SC Media

The Oncology Institute reports patient data potentially exposed in third-party vendor breach

healthcare
  • What: Oncology Institute reports patient data breach via third-party vendor
  • Impact: Patient information potentially exposed in a third-party security incident
Read Full Article →

Breach The Oncology Institute reports patient data potentially exposed in third-party vendor breach May 26, 2026 Share By SC Staff (Adobe Stock) The Oncology Institute has confirmed that patient information was impacted in a cybersecurity incident involving a third-party software provider. The healthcare network first disclosed the security breach in November 2025, while the vendor’s investigation was still ongoing, as reported by Security Affairs. The Oncology Institute disclosed on May 20, 2026, that Kroll, a third-party administrator for an unnamed vendor, detected unauthorized access to systems that may have affected patient data. This incident follows a larger breach at Cognizant-owned TriZetto Provider Solutions in March 2026, which exposed sensitive information for over 3.4 million patients. The TriZetto breach, which began in November 2024, involved unauthorized access to records for insurance eligibility verification transactions, potentially exposing names, addresses, Social Security numbers, and insurance details. While no ransomware group has claimed responsibility for either incident, the potential exposure of patient data highlights significant risks within the healthcare supply chain. The Oncology Institute stated that the vendor has established a patient portal to provide information and address inquiries related to the breach. Source: Security Affairs SC Staff Related Breach Grafana Labs discloses GitHub environment breach, source code downloaded SC Staff May 18, 2026 The breach occurred after a threat actor obtained a compromised token. Breach American Lending Center data breach impacts over 123,000 individuals SC Staff May 15, 2026 The breach involved a ransomware attack where threat actors compromised the internal network and accessed files containing personal identifying information. Breach BWH Hotels confirms cyberattack impacting customer data SC Staff May 13, 2026 The cyberattack on BWH Hotels, which operates under brands like Best Western, WorldHotels, and SureStay Hotels, compromised customer names, email addresses, phone numbers, and postal addresses. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Attack Vector You can skip this ad in 5 seconds

Related Articles

HIGH Oncology Institute Discloses Data Breach SecurityWeek HIGH TriZetto Provider Solutions Breach Hits 3.4 Million Patients Infosecurity Magazine HIGH Cognizant TriZetto breach exposes health data of 3.4 million patients BleepingComputer MEDIUM Thousands more Oregon residents learn their health data was stolen in TriZetto breach The Register Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn