CommuniCare+OLE Reports Data Breach Affecting Sensitive Patient Information
CommuniCare+OLE, a healthcare provider, disclosed a data breach involving unauthorized access to sensitive personal and health information. On December 15, 2025, OCHIN CommuniCare+OLE’s electronic medical record system provider alerted the organization that an unauthorized individual had compromised a system managed by TriZetto, a third-party vendor.
The breach prompted an investigation to assess the scope and impact. While details of the security incident remain undisclosed, affected data may include names, Social Security numbers, dates of birth, contact information, and health or insurance-related records. The exact information exposed varies by individual.
CommuniCare+OLE has since begun notifying impacted individuals via mail, providing specifics on the compromised data. The breach notice filed with the California Attorney General’s office outlines the types of information potentially exposed. Further details can be found in the official notification documents.
Source: https://straussborrelli.com/2026/01/21/communicareole-data-breach-investigation/
TriZetto Healthcare Products cybersecurity rating report: https://www.rankiteo.com/company/trizetto-healthcare-products
OCHIN, Inc. cybersecurity rating report: https://www.rankiteo.com/company/ochin
Communicare+OLE cybersecurity rating report: https://www.rankiteo.com/company/communicareole
"id": "TRIOCHCOM1769016387",
"linkid": "trizetto-healthcare-products, ochin, communicareole",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown (varies by individual)',
'industry': 'Healthcare',
'name': 'CommuniCare+OLE',
'type': 'Healthcare Provider'}],
'attack_vector': 'Third-party vendor compromise',
'customer_advisories': 'Notifying impacted individuals via mail with '
'specifics on compromised data',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers',
'Dates of birth',
'Contact information',
'Health records',
'Insurance-related records']},
'date_detected': '2025-12-15',
'description': 'CommuniCare+OLE, a healthcare provider, disclosed a data '
'breach involving unauthorized access to sensitive personal '
'and health information. An unauthorized individual '
'compromised a system managed by TriZetto, a third-party '
'vendor, leading to potential exposure of names, Social '
'Security numbers, dates of birth, contact information, and '
'health or insurance-related records.',
'impact': {'data_compromised': 'Sensitive personal and health information',
'identity_theft_risk': 'High',
'systems_affected': 'Electronic medical record system'},
'investigation_status': 'Ongoing',
'references': [{'source': 'California Attorney General’s office'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA'],
'regulatory_notifications': 'Filed with the '
'California Attorney '
'General’s office'},
'response': {'communication_strategy': 'Notifying impacted individuals via '
'mail'},
'title': 'CommuniCare+OLE Data Breach Affecting Sensitive Patient Information',
'type': 'Data Breach'}