Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.
Class Action U Logo
Check Your Eligibility

Tri-Cities Gastroenterology Data Breach

Tri-Cities Gastroenterology disclosed a data breach impacting 67,115 individuals. The breach, which occurred in December 2025, exposed sensitive personal and medical information. Affected individuals are offered identity protection services and are advised to monitor their accounts for suspicious activity.

Check Your Eligibility
Tri-Cities Gastroenterology
Date of Breach: December 11, 2025
CAU logo

Who was affected:

Clients of Tri-Cities Gastroenterology

Impacted Data:

Full name

Social Security number

Date of birth

Address

Email address

Phone number

Gender

Medical record number

Check Your Eligibility

Tri-Cities Gastroenterology, a healthcare provider in northeast Tennessee, has announced a significant data breach affecting 67,115 individuals. The breach involved unauthorized access to the company’s network and exposed sensitive personal and medical information. The breach was discovered in December 2025, and a full investigation concluded in April 2026.

Tri-Cities Gastroenterology Data Breach Investigation

On or around December 11, 2025, Tri-Cities Gastroenterology, which operates five offices in northeast Tennessee, experienced a data security incident involving unauthorized access to its network. According to the company’s notification, the unauthorized third party accessed and removed files from the system. The breach impacted 67,115 individuals, including patients who trusted the clinic with sensitive personal and medical information.

Once the breach was detected, Tri-Cities Gastroenterology acted quickly to contain the threat. The company immediately engaged cybersecurity experts to investigate the scope of the incident and secure its systems. The forensic investigation, which lasted from December 2025 to April 22, 2026, determined that the removed files contained highly sensitive personal data.

The breach was found to involve a variety of personal identifiers, including full names, Social Security numbers, dates of birth, addresses, email addresses, phone numbers, gender, and medical record numbers. While Tri-Cities Gastroenterology has stated that there is no evidence of fraud or identity theft at this time, the nature of the exposed data means that affected individuals remain at risk for future misuse, including identity theft, medical fraud, and phishing attempts.

In response to the breach, Tri-Cities Gastroenterology has taken steps to improve its security measures and prevent similar incidents from happening in the future. This includes enhanced monitoring, additional training for staff, and strengthening system defenses to protect against unauthorized access.

Additionally, the company is offering Experian IdentityWorksSM identity protection services for 12 months to those impacted. These services will help affected individuals monitor their credit reports for any suspicious activity, and provide assistance in case of identity theft. The service is completely free and includes credit monitoring, fraud detection, and identity theft restoration. Tri-Cities Gastroenterology is also advising individuals to take additional protective measures, such as placing a fraud alert or security freeze on their credit files.

The company’s proactive response reflects its commitment to protecting the privacy and security of patient information, though the breach has still left many individuals vulnerable. Data breaches in healthcare organizations have become increasingly common, and this incident highlights the importance of stringent cybersecurity practices in the sector.

When Did This Breach Occur?

The breach occurred on or around December 11, 2025. Tri-Cities Gastroenterology confirmed the breach and began notifying affected individuals on April 29, 2026 after completing their investigation on April 22, 2026.

What Information Was Breached?

The potentially exposed information includes:

  • Full name
  • Social Security number
  • Date of birth
  • Address
  • Email address
  • Phone number
  • Gender
  • Medical record number

What You Can Do

If you were impacted by the Tri-Cities Gastroenterology data breach, it’s crucial to take immediate steps to protect your personal information. Start by enrolling in the Experian IdentityWorksSM services offered for free for 12 months. These services will provide you with regular credit monitoring and alerts for suspicious activity, helping you detect and resolve identity theft if it occurs.

In addition to the identity monitoring services, Tri-Cities Gastroenterology recommends that you remain vigilant by reviewing your financial account statements and credit reports for any unauthorized activity. You can request a free credit report from the three major credit bureaus and place fraud alerts or security freezes on your credit files to prevent new accounts from being opened in your name.

Furthermore, be cautious of phishing attempts or fraudulent communications that may try to exploit the breach. If you receive any unsolicited emails or phone calls asking for your personal or financial information, verify the legitimacy of the request before providing any details.

By following these steps, you can help protect yourself from potential misuse of your data and reduce the risk of further harm.

File a Data Breach Lawsuit Against Tri-Cities Gastroenterology

If your personal information was involved in the Tri-Cities Gastroenterology data breach, you may have the right to seek compensation for damages caused by the incident. Data breach lawsuits typically aim to recover damages for emotional distress, loss of privacy, and the costs associated with mitigating identity theft or fraud.

Class action lawsuits allow individuals who have been similarly impacted by the same breach to join together and take collective legal action against the responsible organization. This provides a way to ensure that large companies are held accountable for mishandling sensitive information and failing to adequately protect personal data.

If you believe you were affected by the Tri-Cities Gastroenterology data breach, it is important to explore your legal options. Contact a lawyer experienced in data breach lawsuits to learn more about how you can pursue compensation for any harm caused by the breach.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.

VIEW PDF
Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Excelas Data Breach
Date of Breach: January 28, 2026
Elara Caring Data Breach
Date of Breach: December 12, 2025
Bloomsbury Publishing Data Breach
Date of Breach: April 2, 2026
Show More

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.