Free Case Reviews | No Fee Unless We Recover For You

TriWest Healthcare Alliance Data Breach: What TRICARE Beneficiaries Need to Know

July 13, 2026

NOTICE: If you received a NOTICE OF DATA BREACH letter from TriWest Healthcare Alliance, contact Emery | Reddy, PC at 206.207.8929 for a Free Case Review.

On April 16, 2026, TriWest Healthcare Alliance, the Phoenix, Arizona-based contractor that administers TRICARE health benefits for military service members, Veterans, and their families across the 26-state TRICARE West Region, discovered unauthorized activity on its network. According to the company’s Notice of Data Breach, an unauthorized person accessed and downloaded some of TriWest’s information before the company acted to cut off further access and hired outside experts to investigate.

According to the notice, the information involved may have included your name, Department of Defense Benefits Number, ZIP code, and the type of authorization request you submitted (for example, a request for physical therapy). TriWest has not disclosed how the unauthorized access occurred.

Why the Timeline Matters

TriWest discovered the unauthorized activity on April 16, 2026, but notification letters to affected individuals were not dated until July 2, 2026, roughly eleven weeks later. The breach has been reported to the California and Texas Attorneys General, with at least 2,408 Texas residents identified as affected so far; TriWest has not publicly disclosed the total number of people affected nationwide.

A Department of Defense Benefits Number is not an everyday identifie, it’s tied directly to your TRICARE eligibility and military health benefits. Combined with the type of medical authorization you requested, this incident exposes more than contact information; it can reveal details about the kind of care a service member, Veteran, or family member was seeking.

What information was exposed?

Based on the official notice, the compromised information may include:

Full Name

Department of Defense Benefits Number

ZIP Code

Type of authorization request (e.g. physical therapy)

What Is TriWest Offering Affected Individuals?

TriWest has secured 24 months of complimentary identity monitoring through Experian IdentityWorks. Affected individuals can enroll by visiting the Experian IdentityWorks enrollment portal and entering the activation code included in their letter before October 31, 2026 at 11:59 p.m. UTC. Questions can be directed to TriWest’s dedicated line at 1-833-918-1296, Monday –Friday, 8 a.m. – 8 p.m. Central Time.

Your Information Is at Risk

Even without a Social Security number, the data involved here is sensitive Personally Identifiable Information (PII) tied to a federal benefits program. A Department of Defense Benefits Number can potentially be used to attempt benefits fraud or to link you to military and health records you didn’t choose to disclose.

If you received a Notice of Data Breach letter from TriWest Healthcare Alliance, it confirms your information may have been involved in this incident. Affected individuals should:

  • Enroll in the complimentary Experian IdentityWorks monitoring before October 31, 2026
  • Watch for unusual communications referencing your TRICARE benefits or medical appointments
  • Report any suspicious activity to TriWest at 1-833-918-1296
  • Keep a copy of the notification letter and any correspondence for your records

Do You Have Legal Options?

Government contractors entrusted with military families’ health and benefits information have a legal obligation to safeguard that data. When that obligation is not met, affected individuals, including active-duty service members, Veterans, and their families, may have legal rights and remedies worth discussing with an attorney.

Contact the Data Breach Attorneys at Emery | Reddy today for a Free Case Review.

FAQ

How many people were affected by the TriWest data breach?

TriWest has not disclosed the total number of people affected nationwide. State filings show at least 2,408 Texas residents identified so far.

What information was exposed?

According to TriWest’s notice, the exposed information may include name, Department of Defense Benefits Number, ZIP code, and the type of authorization request submitted (e.g., physical therapy).

Why did it take TriWest so long to notify people?

TriWest discovered the unauthorized network activity on April 16, 2026, but did not send notification letters until July 2, 2026, about eleven weeks later. TriWest has not explained the reason for the delay.

What should I do if I received a notification letter?

Enroll in the complimentary Experian IdentityWorks monitoring before the October 31, 2026 deadline, watch for suspicious activity related to your TRICARE benefits, and consider speaking with a data breach attorney about your options.

Join the Data Breach Lawsuit

Learn more about your rights to
potential compensation.

Name(Required)
This field is hidden when viewing the form
Upload your files here:
Drop files here or
Max. file size: 256 MB.
    Max. file size: 256 MB.

    Prefer to speak with someone now?

    Call us at ⁨(206) 973-5298 for a Free Case Review.

    NOTICE: If you received a NOTICE OF DATA BREACH letter from TriWest Healthcare Alliance, contact Emery | Reddy, PC at 206.207.8929 for a Free Case Review.

    We Are
    Taking a Break!

    We will be closed:

    December 22 – 26

    We will reopen:

    December 29

    Please leave us a voicemail or submit your contact form and an experienced Intake Specialist will return your call when we reopen. Happy holidays!