Data incidents have recently been announced by ProxyCare in Florida, Oscar Health in New York, and AccentCare in Texas.

ProxyCare, Oscar Health, and AccentCare have disclosed separate data incidents impacting patients and members across multiple U.S. states, highlighting ongoing vulnerabilities in healthcare data security ranging from cyberattacks to operational errors and third-party breaches.

ProxyCare LLC, a Florida-based personalized pharmacy services provider, confirmed a cybersecurity incident that affected parts of its network environment in August 2025. Following an investigation conducted with third-party cybersecurity experts, the company determined that sensitive patient data had been accessed by an unauthorized party. The compromised information includes names, dates of birth, Social Security numbers, and driver’s license numbers.

ProxyCare completed a detailed review of the impacted data in January 2026 and began notifying affected individuals in March 2026. While current disclosures indicate that approximately 150 individuals in Massachusetts and New Hampshire have been affected, the total number of impacted individuals remains unclear as the incident has not yet been listed on the federal breach reporting portal. The company is offering complimentary credit monitoring and identity protection services to individuals whose Social Security numbers were exposed.

In a separate incident, Oscar Health, a New York-based health insurance provider, reported a data privacy issue caused by a mailing error rather than a cyberattack. On December 31, 2025, the company discovered that member identification cards and enrollment documents for 2026 coverage had been mistakenly sent to outdated or incorrect addresses. The exposed information includes member names, policy numbers, and health plan details.

Ad Banner

Oscar Health clarified that highly sensitive data, such as Social Security numbers and financial information, were not involved, and there is no evidence of misuse. The company has since taken corrective measures to prevent similar incidents and has notified affected individuals. The breach impacted up to 91,350 members across its affiliated entities, including Oscar Health Plan, Inc., Oscar Insurance Company of Florida, and Oscar Health Plan of Georgia.

Meanwhile, AccentCare, a Texas-based provider of home health and hospice services, reported a data breach linked to its third-party billing vendor, Doctor Alliance. The breach occurred after an unauthorized actor gained access to a web application between October 31 and November 16, 2025. The investigation confirmed that files containing sensitive patient data were accessed or exfiltrated during that period.

The compromised information includes names, Social Security numbers, medical record numbers, Medicare identifiers, and clinical details such as diagnosis and treatment information. A total of 19,772 individuals were potentially affected. AccentCare emphasized that its internal systems were not directly compromised and that patient care services were not disrupted. The organization continues to monitor the vendor’s response and its ongoing role as a service provider.

These incidents collectively underscore the diverse nature of data security risks in the healthcare sector, where both cyberattacks and operational lapses can lead to significant exposure of sensitive information. As healthcare organizations increasingly rely on digital systems and third-party vendors, the need for stronger data governance, continuous monitoring, and robust cybersecurity frameworks remains critical.

Recommended Cyber Technology News :

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com  



🔒 Login or Register to continue reading