A phishing attack impacted several cancer care organizations of the Integrated Oncology Network (ION). All impacted entities released identical breach notices concerning the attack. According to the breach notices, the sophisticated phishing attack allowed unauthorized individuals to access a few employee email and SharePoint accounts.
ION took immediate action to protect the impacted accounts and investigated the incident to find more about the nature and scope of the attack and data breach. As per forensic investigation, the account compromise happened in three days from December 13, 2024 to December 16, 2024. Certain breached accounts included patient data. The analysis of the accounts showed that they included names, addresses, birth dates, financial account details, Social Security numbers, diagnoses, laboratory results, prescription drugs, treatment data, dates of treatment, medical insurance and claims data, and healthcare provider names.
The impacted cancer care organizations didn’t find any proof of misuse of patient data; nevertheless, as a safety measure, the impacted people were provided free credit monitoring, identity restoration, and dark web monitoring services. On June 13, 2025, ION mailed breach notification letters to the impacted oncology physician practices. On June 27, 2025, personal breach notification letters were sent to the impacted patients. ION stated that the breach of email accounts was likely meant to execute a phishing plan; nevertheless, the attacker(s) also accessed SharePoint accounts. ION provided the workforce with more cybersecurity training (which is also required in HIPAA training) to lessen the chance of related incidents later on.
Breach reports submitted by the impacted oncology physician practices are now being posted on the HHS’ Office for Civil Rights breach website. More will likely be added to the listing of affected entities below over the coming days.
- California Cancer Associates for Research and Excellence in High Desert, CA – 17,250 individuals affected
- Lake City Cancer Care, LLC in Florida – 15,142 individuals affected
- Lake City Cancer Care, LLC in Florida – 15,142 individuals affected
- Radiation Oncology Network of Southern California, LLC in California – 12,944 individuals affected
- Rocky Mountain Oncology Care in Wyoming – 10,268 individuals affected
- e+ Oncologics Louisiana, LLC in Los Angeles – 8,270 individuals affected
- California Cancer Associates for Research and Excellence in Fresno, CA – 7,670 individuals affected
- Southwest Urology in Ohio – 7,214 individuals affected
- PET Imaging of Northern Colorado in Colorado – 4,824 individuals affected
- Mojave Radiation Oncology Medical Group in California – 4,403 individuals affected
- Fairbanks Urology in Arkansas – 4,289 individuals affected
- South Georgia Center for Cancer Care in Georgia – 4,108 individuals affected
- PET Imaging of Tulsa in Oklahoma – 3,159 individuals affected
- PET Imaging of The Woodlands in Texas – 2,978 individuals affected
- Denali Biomedical in Arkansas – 2,413 individuals affected
- Acadiana Radiation Therapy, LLC in Los Angeles – 2,219 individuals affected
- Golden State Radiation Oncology in California – 2,130 individuals affected
- PET Imaging of Dallas Northeast in Texas – 1,935 individuals affected
- Orange County Radiation Oncology Medical Group in California -1,911 individuals affected
- PET Imaging of Sugar Land in Texas – 1,808 individuals affected
- PET Imaging of Houston Medical Center in Texas TX – 1,236 individuals affected
- Bardmoor Cancer Center in Florida – 991 individuals affected
- Cancer Care Center of North Florida in Lake Butler – 976 individuals affected
- California Cancer Associates for Research and Excellence in San Diego, California – 638 individuals affected
Total of individuals affected – 133,918