VPS Data Breach Exposes Sensitive Patient Information
VPS, a healthcare services provider, recently disclosed a data breach that may have compromised sensitive personal and health-related information. On January 15, 2026, the company detected unauthorized access to its systems containing patient data. An investigation confirmed that an unauthorized third party accessed and potentially acquired personal identifiable information (PII) and protected health information (PHI).
The exposed data varies by individual but may include:
- Full names
- Contact details (addresses, phone numbers, email addresses)
- Dates of birth
- Medical record information
VPS publicly announced the breach on February 14, 2026, via its website and filed an official notice with the U.S. Department of Health and Human Services’ Office for Civil Rights on February 13, 2026. As part of its response, the company is offering affected individuals 12 months of complimentary credit monitoring and a detailed list of the compromised data types. The incident underscores ongoing risks to healthcare data security.
Source: https://straussborrelli.com/2026/03/18/vantage-plastic-surgery-data-breach-investigation/
Visiting Physician Services (VPS) cybersecurity rating report: https://www.rankiteo.com/company/vps-visiting-physician-services
"id": "VPS1773853243",
"linkid": "vps-visiting-physician-services",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Patients',
'industry': 'Healthcare',
'name': 'VPS',
'type': 'Healthcare services provider'}],
'customer_advisories': 'Offering 12 months of complimentary credit monitoring '
'and a detailed list of compromised data types',
'data_breach': {'data_exfiltration': 'Potentially acquired',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (PII and PHI)',
'type_of_data_compromised': ['Full names',
'Contact details (addresses, '
'phone numbers, email addresses)',
'Dates of birth',
'Medical record information']},
'date_detected': '2026-01-15',
'date_publicly_disclosed': '2026-02-14',
'description': 'VPS, a healthcare services provider, recently disclosed a '
'data breach that may have compromised sensitive personal and '
'health-related information. An investigation confirmed that '
'an unauthorized third party accessed and potentially acquired '
'personal identifiable information (PII) and protected health '
'information (PHI).',
'impact': {'data_compromised': 'Personal identifiable information (PII) and '
'protected health information (PHI)',
'identity_theft_risk': 'High'},
'investigation_status': 'Ongoing',
'references': [{'source': 'VPS Public Announcement'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA'],
'regulatory_notifications': ['U.S. Department of '
'Health and Human '
'Services’ Office for '
'Civil Rights (filed '
'on 2026-02-13)']},
'response': {'communication_strategy': 'Public announcement via website and '
'official notice to HHS'},
'threat_actor': 'Unauthorized third party',
'title': 'VPS Data Breach Exposes Sensitive Patient Information',
'type': 'Data Breach'}