Integrated Oncology Network Data Breach Exposes Sensitive Patient Information

In mid-December 2024, Integrated Oncology Network (ION) experienced a data breach involving unauthorized access to sensitive patient information. According to the company, the breach occurred between December 13 and December 16, 2024, when unauthorized parties gained access to a small number of email and SharePoint accounts.

The investigation, which concluded on May 9, 2025, determined that the likely intent of the intrusion was to carry out an email phishing scheme. However, during this period, certain emails and SharePoint files containing confidential patient data were also accessed.

The exposed information includes both personally identifiable information (PII) and protected health information (PHI) including Social Security numbers, names, addresses, dates of birth, financial account information, diagnosis details, lab results, medication information, treatment information, health insurance and claims data, provider names, and dates of treatment.

The breach’s severity is heightened by the nature of the data involved, which covers both financial and sensitive health information. While the company has not disclosed the exact number of affected individuals, the scope of the breach is significant due to the breadth of information potentially exposed.

The incident was publicly disclosed via ION’s official notice of email phishing incident.

Integrated Oncology Network's response

In response to the breach, Integrated Oncology Network has taken several steps to notify and support affected individuals. On June 13, 2025, ION provided notifications to oncology physician practices whose patients may have been impacted. Beginning June 27, 2025, the company started mailing notification letters directly to those patients.

ION recommends that anyone who thinks they may have been affected carefully review statements from their healthcare providers and health insurance plans. If you notice any services or charges that you did not receive, you should contact your provider or health plan immediately. For questions or concerns about the incident, ION has established a dedicated call center at 855-361-0308, available Monday through Friday from 8:00 a.m. to 8:00 p.m. Central Time, except on major U.S. holidays.

If you are concerned that your information may have been involved, it is important to remain vigilant. Monitor your financial accounts, insurance statements, and credit reports for unusual activity. Promptly report any suspicious transactions to the relevant institutions.

For more information about the organization and its services, you can visit the Integrated Oncology Network website.