Highlands Oncology Group Dermatology Data Breach Lawsuit

On June 2, 2025, Highlands Oncology Group PA (Highlands) confirmed that it was the victim of a cyberattack that impacted its computer systems and compromised sensitive data. The breach occurred over a period of time between January 21, 2025, and June 2, 2025, and was discovered on June 2. Highlands Oncology Group has since been working diligently to secure its systems, notify affected individuals, and mitigate future risks. The breach has affected a total of 113,575 individuals, including six residents of Maine.

While there is no confirmed evidence that the exposed data has been used for identity theft or fraud, the compromised files may include a significant amount of sensitive personal information. Highlands’ investigation into the breach revealed that the Medusa ransomware gang has claimed responsibility for the attack.

Highlands Oncology Group PA Data Breach Details

The investigation into the breach determined that an unauthorized entity accessed Highlands’ network at various times between January 21 and June 2, 2025. During this period, the hackers encrypted several files, and it is believed they may have acquired sensitive personal data stored in the system.

The Medusa ransomware group is a known cybercriminal organization notorious for its targeted attacks on healthcare institutions and organizations. Highlands confirmed that this attack was part of a broader pattern of attacks involving ransomware, where the malicious actors hold files hostage and demand payment for their release. While the breach was discovered in June, the hackers had gained access months earlier, and the full extent of the data exposed is still being investigated.

Compromised Information

Based on the forensic investigation, Highlands Oncology has determined that the compromised information may include sensitive data such as:

• Full names

• Dates of birth

• Social Security numbers

• Driver’s license/state ID numbers

• Passport numbers

• Financial details

• Medical treatment information

• Health insurance data

These types of information, if exposed, could significantly impact those affected by the breach, potentially leading to identity theft, fraud, or unauthorized use of their financial and health data.

Highlands Oncology’s Response

Highlands is also offering affected individuals a one-year membership to Experian IdentityWorksSM Credit 3B at no charge, which will provide credit monitoring and identity theft protection services.

On August 1, 2025, Highlands began notifying individuals whose personal information may have been affected by the breach via mail, where possible. This notification provides instructions on how to activate the complimentary identity protection services and guidance on additional steps to protect against identity theft or fraud.

Next Steps for Affected Individuals

If your personal information has been breached, it’s important to take immediate and proactive steps to minimize the potential impact and protect yourself from identity theft or fraud. Here are some general actions that you should consider taking:

• Monitor Credit Reports: Check your credit reports regularly for suspicious activity.

• Place a Fraud Alert or Credit Freeze: Set up a fraud alert or freeze your credit to prevent unauthorized access.

• Monitor Financial Accounts: Review bank and credit card statements for unfamiliar transactions.

• Watch for Phishing Scams: Be cautious of unsolicited requests for personal information.

• Change Passwords: Update passwords for online accounts and use strong, unique ones.

• Enable Two-Factor Authentication: Add an extra layer of security to online accounts.

• Review Health and Insurance Info: Check for fraudulent charges if health data was exposed.

Legal Assistance for Victims of Identity Theft and Data Breaches