TRHS Data Breach Exposes Patient Information via Third-Party Vendor
Terry Reilly Health Services (TRHS) has begun notifying patients of a data security incident that may have compromised personal and health-related information. The breach, discovered through TriZetto Provider Solutions (TPS) a third-party vendor for OCHIN, TRHS’s electronic medical record provider prompted immediate action from cybersecurity experts and law enforcement.
TPS contained and neutralized the threat while implementing enhanced security measures to prevent future incidents. Exposed data may include names, addresses, dates of birth, Social Security numbers, health coverage member numbers, insurer details, provider names, and other demographic and health information. Financial data, such as payment cards and bank accounts, was not affected.
Affected individuals will receive notification letters by mail within the next week, along with instructions for enrolling in complimentary identity and credit monitoring services provided by Kroll. Patients will need a unique code from the letter to access the service. TRHS has not disclosed the number of impacted individuals or the exact timeline of the breach.
TriZetto Provider Solutions TPRM report: https://www.rankiteo.com/company/trizettoprovider
OCHIN TPRM report: https://www.rankiteo.com/company/ochin
Terry Reilly Health Services TPRM report: https://www.rankiteo.com/company/terry-reilly-health-services
"id": "triochter1770659813",
"linkid": "trizettoprovider, ochin, terry-reilly-health-services",
"type": "Breach",
"date": "2/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Terry Reilly Health Services (TRHS)',
'type': 'Healthcare Provider'}],
'attack_vector': 'Third-Party Vendor Compromise',
'customer_advisories': 'Notification letters with identity and credit '
'monitoring instructions',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (PII and PHI)',
'type_of_data_compromised': ['Names',
'Addresses',
'Dates of birth',
'Social Security numbers',
'Health coverage member numbers',
'Insurer details',
'Provider names',
'Demographic information',
'Health information']},
'description': 'Terry Reilly Health Services (TRHS) has begun notifying '
'patients of a data security incident that may have '
'compromised personal and health-related information. The '
'breach was discovered through TriZetto Provider Solutions '
'(TPS), a third-party vendor for OCHIN, TRHS’s electronic '
'medical record provider. TPS contained and neutralized the '
'threat while implementing enhanced security measures to '
'prevent future incidents.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'data exposure',
'data_compromised': 'Personal and health-related information',
'identity_theft_risk': 'High (exposure of SSNs and other PII)',
'payment_information_risk': 'None (financial data not affected)',
'systems_affected': 'Electronic medical record system (via '
'third-party vendor)'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Enhanced security measures '
'by TPS',
'root_causes': 'Third-party vendor (TPS) '
'compromise'},
'references': [{'source': 'Incident Notification'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA (potential)']},
'response': {'communication_strategy': 'Notification letters to affected '
'individuals',
'containment_measures': 'Threat contained and neutralized by TPS',
'enhanced_monitoring': 'Yes',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'remediation_measures': 'Enhanced security measures implemented '
'by TPS',
'third_party_assistance': 'Cybersecurity experts'},
'title': 'TRHS Data Breach Exposes Patient Information via Third-Party Vendor',
'type': 'Data Breach'}