.png)
Texas Centers Data Breach Impacts 19,776 Individuals
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info
Texas Centers for Infectious Disease Associates experienced data breach affecting thousands of current and former patients. TCIDA discovered unusually activity on its network on July 19, 2025 and an investigation revealed an unauthorized actor may have accessed or acquired patient files handled by a former third-party billing vendor.
The breach compromised both personally identifiable information (PII) and protected health information (PHI). Exposed data included names, Social Security numbers, dates of birth, driver’s license numbers, medical record numbers, Medicare and Medicaid numbers, health insurance numbers and medical or treatment information.
The incident was the result of a ransomware attack carried out by the BianLian group, which claimed to have accessed 300 GB of sensitive data. The cybercriminals posted details of the attack on the dark web via the Tor network. Texas Centers for Infectious Disease Associates began notifying affected individuals on June 26, 2025.
The company published a data security incident notice on its website on June 27, 2025 and disclosed the breach to the U.S. Department of Health and Human Services on June 30, 2025.
Texas Centers for Infectious Disease Associates reported the data breach to the Maine, Massachusetts and Texas Attorney Generals' offices beginning on June 30, 2025. Affected current and former patients include 19,213 Texas residents, three in Massachusetts and one Mainer.
Texas Centers for Infectious Disease Associates’ response
In additional to state and federal disclosures, TCIDA is offering free IDX identity theft protection services to affected individuals.
If you receive notification from Texas Centers for Infectious Disease Associates about this breach, you may want to:
- Carefully review any notice or communication you receive and sign up for the free identity theft protection services offered.
- Monitor financial accounts and credit reports for signs of identity theft.
- Consider placing fraud alerts or credit freezes with major credit bureaus.
- Be cautious of unsolicited emails or phone calls requesting personal information.
For more information about Texas Centers for Infectious Disease Associates, visit the TCIDA website.
Protect Your Data
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)