On or around October 31, 2025, Beverly Hills Oncology Medical Group issued a data breach notification following a cybersecurity incident that occurred between approximately February 7 and February 11, 2025. The organization then launched an investigation with third-party cybersecurity experts. The investigation revealed that an unauthorized third party accessed and potentially removed files containing sensitive personal and medical information.
Beverly Hills Oncology Medical Group is a healthcare provider based in California, specializing in oncology services.
The organization sent data breach notification letters to affected individuals and offered complimentary identity protection services through Epiq – Privacy Solutions ID. If you received a Data Breach notification letter from Beverly Hills Oncology Medical Group, it confirms that your information was potentially impacted.
What information is involved in the Beverly Hills Oncology Medical Group Data Breach?
Compromised information may include:
Name
Social Security Number
Driver’s License Number or Government ID Number
Financial Account Information
Credit or Debit Card Information
Health Insurance Policy Information
Treatment, Diagnosis, Prescription and/or Other Clinical Information
Your Personally Identifiable Information (PII) includes details that can be used to identify you. Organizations are legally obligated to safeguard this data, and failure to do so can result in statutory fines and other legal consequences. If PII is stolen, it may be exploited by criminals to commit identity fraud.
A specific category of PII is Protected Health Information (PHI), which pertains to personal medical data. PHI is safeguarded under both federal and state regulations. Entities such as healthcare providers and businesses that manage PHI must ensure its security. Just like PII, compromised PHI can be misused by identity thieves, and it’s common for cybercriminals to use both types of information together.
If your data has been exposed in a breach, one of the most effective steps you can take is to enroll in credit and identity monitoring services promptly.
Residents of California benefit from additional privacy protections under the California Consumer Privacy Act (CCPA), which grants enhanced rights regarding personal data. Additionally, residents of California also benefit from additional medical privacy protections under the Confidentiality of Medical Information Act (“CMIA”), which specifically grants enhanced protections regarding confidential medical data.
If you received a NOTICE OF DATA BREACH letter from Beverly Hills Oncology Medical Group, your personal, financial, and/or medical information may be at risk. This type of data can be exploited by identity thieves to commit fraud and other crimes.