If you have concerns that you have been affected by this data breach, and/or have experienced suspicious activity since the breach, we would like to hear from you. Please complete the contact form on this page, send us an email at [email protected], or give us a call at (202) 470-3520.

On June 2, 2025, Highlands Oncology Group, P.A. (“Highlands Oncology”) discovered that they had been the victim of a cyberattack. The company launched an investigation and determined that, between January 21, 2025, and June 2, 2025, an unauthorized actor had access to its file system. The investigated determined a cybercriminal had stolen the personally identifiable information maintained therein. The compromised information includes the following sensitive data:

• name,
• date of birth,
• Social Security number,
• driver’s license/state identification number,
• passport number,
• credit/debit card number,
• financial account number,
• medical treatment information,
• medical record number,
• patient account number, and/or
• health insurance policy information

Highlands Oncology Data Breach

Highlands Oncology recently provided notice of the data breach. All of the information stolen is likely valuable and dangerous to affected victims. As is likely to be the case with the Highlands Oncology data breach, in previous cyberattacks, victims of data theft have noticed identity theft attempts ranging from fraudulent charges on bank accounts or credit cards, to unauthorized credit card applications, to medical services or government services ordered in their name, to their information being posted on the dark web, to a massive uptick in the number of spam text messages, calls and emails received.