.png)
OncoHealth Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the OncoHealth, Inc data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About OncoHealth
OncoHealth Inc. is a digital health company based in Atlanta, Georgia, that focuses on providing oncology-centered technology and services. Founded in 2009, the company supports health plans, employers, providers and patients with digital platforms and data analytics.
OncoHealth’s offerings include virtual cancer care, real-world data analytics and digital solutions for treatment review.
What Happened?
OncoHealth discovered a significant data breach on Sept. 4, 2025, involving their Zendesk customer service system. The incident began with a phishing attempt in which a fraudulent Zendesk account was mistakenly included in an email sent to Humana Inc., a partner for medical oncology prior authorizations.
This email contained a file with protected health information (PHI) that was inadvertently delivered to the impersonator’s email address as well as to intended Humana employees. The fraudulent account was deactivated on Sept. 5, 2025.
Possible Information Exposed
- First and last name
- Date of birth
- Humana identification number
- Authorization number
OncoHealth notified affected individuals in writing on Oct. 10, 2025, and reported the breach to the Maine Attorney General’s office on Nov. 20, 2025.
Your Rights and Next Steps
If you received a notice from OncoHealth about this data breach, it is important to understand your rights and what actions you can take. The exposure of sensitive information can still put individuals at risk for identity theft and fraud.
If you receive a notice from OncoHealth about this breach, you may want to:
- Monitor your credit reports and account statements for suspicious activity, especially over the next 24 months
- Consider placing a free security freeze or fraud alert on your credit file with the major credit bureaus (Equifax, Experian, TransUnion)
- Change passwords and security questions for online accounts, particularly if the same password is used across multiple sites
- Review billing statements from healthcare providers to check for unauthorized charges or activity
You May Be Entitled to Compensation
If you were affected by the OncoHealth data breach, you may be eligible for compensation, which could include reimbursement for out-of-pocket expenses, time spent addressing the breach, or payment for emotional distress.
Lawyers are ready to help you take the next steps. To find out if you qualify and to join a lawsuit, complete the form below.
.svg)