Oncology Firm Says Vendor Hack Compromised Patient Data

Healthcare , Incident & Breach Response , Industry Specific Oncology Firm Says Vendor Hack Compromised Patient Data Breach Is Among Several Recent Major Incidents Involving Billing Software Providers Marianne Kolbasuk McGee (HealthInfoSec) • May 26, 2026     Share Post Share Credit Eligible Get Permission California-based cancer care provider, The Oncology Institute, has notified the SEC about a vendor hack that temporarily affected some billing activities and compromised patient information. (Image: The Oncology Institute) A publicly traded cancer treatment firm notified investors that a yet-undisclosed number of patients' information was compromised in a 2025 cybersecurity incident involving a third-party billing software vendor. See Also: Reduce Cloud Risk in Healthcare with Security by Default The Oncology Institute provides advanced cancer treatment care to nearly 2 million patients at more than 100 clinics in five states - California, Oregon, Nevada, Arizona and Florida. The company, founded in 2007, reported consolidated revenue of $502.7 million in 2025. The clinic disclosed that it recently learned from Kroll - which is working with the breached software vendor - it detected unauthorized access to certain Oncology Institute IT systems, including those containing patient data. The recent filing was an update to a previous report The Oncology Institute submitted to the U.S. Securities and Exchange Commission in November 2025 regarding the same third-party incident. At that time, the oncology firm said the third-party vendor could not confirm whether the cancer care company's data was compromised in the hack, but that the incident would potentially delay the firm's collection of some fee-for-service claims. So far, the incident has not appeared to materially affect the cancer treatment company's financials based on the firm's 2025 fourth quarter and 2026 first quarter earnings results and its analysts calls for both quarters. In its latest filing, The Oncology Institute said that its operations "have continued in all material respects since the detection of the incident." The company said it will work with its affected vendor to offer credit monitoring to all impacted patients. Several large medical billing and revenue cycle management vendors have been the center of major health data breaches in recent months. That includes Trizetto Provider Solutions, a unit of Cognizant, which underwent a February hack affecting 3.4 million individuals. ApolloMD also reported in February a hack affecting nearly 627,000 individuals. Veradigm, formerly Allscripts, reported last September a breach affecting nearly 2.7 million people (see Vendors Veradigm and ApolloMD Report Health Data Hacks).