On or around June 2, 2025, Highlands Oncology Group PA (“Highlands”) became aware of suspicious activity on its computer systems, indicating a data breach. Based on a subsequent forensic investigation, Highlands determined that cybercriminals infiltrated its inadequately secured computer network between January 21, 2025, and June 2, 2025. The investigation further determined that, through this infiltration, cybercriminals potentially accessed and/or obtained files containing the sensitive personal information of 113,575 individuals.
The information exposed in the data breach includes, but is not limited to:
- Names
- Social Security numbers
- Financial account information
- Credit card or debit card information
- Medical treatment information
- Health insurance information
- Dates of birth
- Driver’s license numbers
- Passport information
As a result of the Highlands data breach, these individuals’ personal and highly confidential information may be in the hands of cybercriminals who can place the information for sale on the dark web or use the information to perpetrate identity fraud.
Murphy Law Firm is investigating claims on behalf of all individuals whose personal and confidential information was potentially compromised in the data breach. We are evaluating legal options, including a potential class action lawsuit, to recover damages for individuals who were affected by the Highlands Oncology Group data breach.