Tri-Cities Gastroenterology Data Breach Affects Over 67K Patients

Severity: Medium (Score: 57.1)

Sources: www.army.mil, Classaction

Summary

Tri-Cities Gastroenterology reported a data breach affecting 67,115 individuals after an unauthorized third party accessed and removed files from their network on or around December 11, 2025. An investigation concluded on April 22, 2026, revealed that compromised information includes full names, Social Security numbers, dates of birth, addresses, email addresses, phone numbers, gender, and medical record numbers. Notifications to affected individuals began on April 29, 2026. Attorneys are exploring the possibility of a class action lawsuit for those impacted, seeking compensation for privacy loss and related issues. The breach highlights vulnerabilities in healthcare data protection and the potential for legal repercussions for the organization. No specific attack method or tools were detailed in the report. Key Points: • 67,115 individuals affected by Tri-Cities Gastroenterology data breach. • Unauthorized access occurred around December 11, 2025. • Compromised data includes sensitive personal and medical information.

Key Entities

• Data Breach (attack_type)
• Tricare Management Activity (company)
• Tri-Cities Gastroenterology (company)
• army.mil (domain)
• classaction.org (domain)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)