Radiation Oncology Network Breach Affects 12,944 Individuals

Published

July 17, 2025

Updated

July 18, 2025

Radiation Oncology Network

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

Radiation Oncology Network of Southern California experienced a major data breach affecting multiple locations and tens of thousands of patients. The cybersecurity incident compromised both personally identifiable information (PII) and protected health information (PHI).

The breach occurred over a three-day period, from Dec. 13 to Dec. 16, 2024, due to an email phishing attack that resulted in unauthorized access of Integrated Oncology Network (ION) employee email and SharePoint accounts. Compromised information includes Social Security numbers, names, addresses, dates of birth, financial account information, diagnosis, lab results, medication, treatment information, health insurance and claims information, provider names, and dates of treatment.

Integrated Oncology Network, a company that owns and provides administrative services to several oncology practices, disclosed the data breach to Radiation Oncology Network of Southern California on June 13, 2025. Radiation Oncology Network of Southern California disclosed the cybersecurity incident to the U.S. Department of Health and Human Services on June 27, 2025.

The data breach was also reported to the California Attorney General's office on July 15, 2025. At least 12,944 patients were impacted by the incident.

Radiation Oncology Network of Southern California, LLC's response

In addition to required disclosures, affected patients can receive free Epiq Privacy Solutions ID credit monitoring services.

If you receive a data breach notice from Radiation Oncology Network of Southern California or Integrated Oncology Network about, you may want to:

Carefully review any notice or communication you receive and sign up for free Epiq Privacy Solutions ID credit monitoring offered.
Monitor financial accounts and credit reports for signs of identity theft.
Consider placing fraud alerts or credit freezes with major credit bureaus.
Be cautious of unsolicited emails or phone calls requesting personal information.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.