Synergy Radiation Oncology: Patient Names Exposed in Breach

Synergy Radiation Oncology Medical Group experienced a major data breach impacted patient data. The breach occurred over a three-day period, from Dec. 13 to Dec. 16, 2024, due to an email phishing attack that resulted in unauthorized access of Integrated Oncology Network (ION) employee email and SharePoint accounts.

Integrated Oncology Network, a company that owns and provides administrative services to several oncology practices, disclosed the data breach to Synergy on June 13, 2025.

The cybersecurity incident compromised both personally identifiable information (PII) and protected health information (PHI). Exposed information includes Social Security numbers, names, addresses, dates of birth, financial account information, diagnosis, lab results, medication, treatment information, health insurance and claims information, provider names, and dates of treatment.

Synergy disclosed the data breach to the California Attorney General's office on July 15, 2025. The total number of affected patients has not been released.

Synergy Radiation Oncology Medical Group's response

In addition to required state and federal disclosures, impacted individuals have been notified by mail. Affected patients are being offered free credit monitoring through Epiq Privacy Solutions ID.

If you receive a data breach notice from Synergy Radiation Oncology Medical Group or Integrated Oncology Network about, you may want to:

• Carefully review any notice or communication you receive and sign up for free Epiq Privacy Solutions ID credit monitoring offered.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

For more information about Synergy Radiation Oncology Medical Group, visit the healthcare organization's website.