Call Us

Tri-City Healthcare District Data Breach

Posted on behalf of Arnold Law Firm on October 18, 2024 in Data Breach

NOTICE: If you received a NOTICE OF DATA BREACH letter from Tri-City Healthcare District, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.

explosion with padlockOn October 12, 2024, Tri-City Healthcare District d/b/a Tri-City Medical Center (“Tri-City”) reported a cybersecurity incident (“Data Breach”) to the Attorney General’s Offices in Maine and California. Two days later, on October 14, Tri-City submitted an additional report to the Attorney General of Texas. According to its report, Tri-City detected suspicious activity on November 9, 2023, which disrupted access to its systems. A subsequent investigation revealed that an unauthorized third party had accessed and exfiltrated certain sensitive and private data from Tri-City’s network around November 8, 2023. On September 27, 2024, Tri-City confirmed the identities of the victims and the types of compromised data.

Recently, on or about October 11, 2024, Tri-City began sending data breach notification letters to those affected by the Data Breach. Each notification letter includes access to credit monitoring and identity restoration services provided by ZeroFox IDX.

According to Tri-City’s report, approximately 108,149 individuals were impacted by the Data Breach. As the announcement was made only recently, Tri-City has not yet disclosed additional details. If you received a data breach notification letter from Tri-City, it indicates that you were affected by the Data Breach.

Located in Oceanside, California, Tri-City Healthcare District is a full-service, acute-care public hospital operating the Tri-City Medical Center and several outpatient clinics in Oceanside, Carlsbad, and Vista. The district offers a wide range of medical services, including heart care, orthopedics, robotic surgery, emergency services, women’s care, cancer treatment, and behavioral health, serving a significant number of patients annually and playing a vital role in the community’s health and wellness. With over 2,300 employees, Tri-City is one of the largest employers in North County, San Diego, generating $329 million in annual revenue.

WHAT INFORMATION IS INVOLVED?

The type of compromised information varied among individuals and potentially included:

  • Names,
  • Date of Birth
  • Social Security numbers,
  • Financial Information (e.g. account number, credit or debit card number),
  • Medical Information,
  • Health Insurance Information,

This information is called your Personally Identifiable Information (“PII”). It tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity.

Personal medical information (a specific type of PII) is referred to as Protected Health Information (“PHI”). It is protected under both state and federal law. Healthcare providers and other businesses that handle PHI are required to protect that information. Like stolen PII, stolen PHI can be used by identity thieves to engage in fraudulent activity using your identity. Quite often, PII and PHI are used in conjunction by hackers.

The best way to protect yourself after a data breach is to sign up for credit and identity protection services as soon as possible.

NOTICE: If you received a NOTICE OF DATA BREACH letter from Tri-City Healthcare District, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options or submit a confidential Case Evaluation form here.