Four Healthcare Providers Disclose Major Data Breaches
Four healthcare providers — Western Orthopaedics (CO), Community Health Systems (CA), Tri-Cities Gastroenterology (TN), and Integrated Pain Associates (TX) — have simultaneously disclosed data breaches involving highly sensitive PII and protected health information (PHI). Western Orthopaedics confirmed unauthorized network access in September 2025, with potentially exposed data including names, SSNs, passwords, financial account data, health insurance details, provider names, dates of service, and billing information; the PEAR extortion group claimed responsibility and reportedly leaked the stolen data. Community Health Systems detected suspicious activity in February 2026, and confirmed unauthorized access to systems containing patient data such as SSNs, driver’s license numbers, treatment and diagnosis information, prescription details, Medicare/Medicaid IDs, and claims data.
Tri-Cities Gastroenterology reported a December 2025 incident involving file exfiltration, with exposed data including names, SSNs, dates of birth, addresses, gender, and medical record numbers; the Insomnia threat group leaked the data. Integrated Pain Associates identified unauthorized network access in February 2026, with its forensic review still ongoing, but already confirmed exposure of names, dates of birth, driver’s license numbers, SSNs, diagnoses, medication information, insurance details, provider names, treatment information, and financial account data. Across all four cases, the number of affected individuals remains unclear, which creates serious HIPAA compliance, breach notification, auditability, and patient trust concerns.
These incidents show why healthcare organizations need a unified HIPAA-ready security data lake, such as NIKSUN, that consolidates database activity monitoring, PHI access logs, EHR/application logs, identity events, endpoint telemetry, NetFlow/IPFIX, DNS, and full packet capture into one platform to identify incidents before patient data is leaked. Read more about this story on our LinkedIn page
Tri-Cities Gastroenterology reported a December 2025 incident involving file exfiltration, with exposed data including names, SSNs, dates of birth, addresses, gender, and medical record numbers; the Insomnia threat group leaked the data. Integrated Pain Associates identified unauthorized network access in February 2026, with its forensic review still ongoing, but already confirmed exposure of names, dates of birth, driver’s license numbers, SSNs, diagnoses, medication information, insurance details, provider names, treatment information, and financial account data. Across all four cases, the number of affected individuals remains unclear, which creates serious HIPAA compliance, breach notification, auditability, and patient trust concerns.
These incidents show why healthcare organizations need a unified HIPAA-ready security data lake, such as NIKSUN, that consolidates database activity monitoring, PHI access logs, EHR/application logs, identity events, endpoint telemetry, NetFlow/IPFIX, DNS, and full packet capture into one platform to identify incidents before patient data is leaked. Read more about this story on our LinkedIn page