Active breach tracker Corvallis, OR Disclosed February 19, 2026 Part of TriZetto / Cognizant cluster

Benton County Health Data Breach 2026: 1,476 Oregon Behavioral Health and Public Health Clients Exposed via Vendor (TriZetto Pattern). What To Do

Benton County Health Services, the Corvallis, Oregon public health and behavioral health agency, disclosed a vendor data breach affecting 1,476 county residents. The incident matches the TriZetto Provider Solutions vendor pattern affecting multiple Oregon county health agencies. Behavioral health, mental health, addictions, and DD services clients potentially in scope. Here is what to do.

You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.

By HealthConsent Editorial Last updated Sources & methodology

Timeline

Oct 2, 2025

Estimated underlying vendor intrusion date (TriZetto detection)

Oct 2, 2025

Breach detected

Jan 16, 2026

HHS OCR filing

Feb 7, 2026

Oregon AG report (1,464 Oregonians)

Feb 19, 2026

Public notice posted to Benton County Health site

Feb 19, 2026

Disclosed publicly

Data exposed

01

High-risk identity

Enables financial + identity theft

Likely names, date of birth, addresses, member IDs (per TriZetto pattern) Possible Social Security numbers (in some cases)

03

Contact & insurance

Phishing + targeted scams

Likely insurer names, coverage details Affected programs likely span behavioral health, mental health, addictions, public health, DD services

Class actions filed by

These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.

TriZetto-level class actions pending in New Jersey and Missouri federal courts (not Benton-specific)
If you received a letter

Your action plan, in five steps.

You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.

01

Accept credit monitoring

It’s the floor of the response. Take it.

02

Freeze your credit

Free at Equifax, Experian, TransUnion.

03

File IRS Form 14039

Prevent fraudulent tax return under your SSN.

04

Review your EOBs

Insurance statements catch medical identity theft early.

05

Stop the ongoing flow

Credit monitoring doesn’t cover your health records. HealthConsent does.

Jump to step 5: protect my health data

What happened

Benton County Health Services is the public health and behavioral health agency for Benton County, Oregon (Corvallis area, home of Oregon State University). The agency has four divisions:

  • Behavioral Health — mental health and substance use treatment
  • Public Health — epidemiology, communicable disease, immunizations
  • Healthy Communities — prevention and community health
  • Developmental Diversity — DD services

Benton County also operates Community Health Centers, a Coordinated Homeless Response program, and the Benton County Crisis Center.

Benton County Health posted a vendor-incident banner on its homepage on February 19, 2026 stating: “One of Benton County Health’s vendors was impacted by a security incident, which affected some of the patients’ or their primary insureds’ protected health information.”

This is consistent with the TriZetto Provider Solutions / Cognizant breach pattern — the insurance-eligibility verification vendor where unauthorized access between November 2024 and October 2, 2025 exposed ~3.4 million individuals nationwide. The Oregon notification wave covered multiple county health agencies: Deschutes County Health Services (~1,300), La Pine Community Health Center (~1,200), Best Care (~1,650), and Benton County Health.

Filings:

  • HHS OCR: 1,476 affected (filed January 16, 2026)
  • Oregon AG: 1,464 Oregonians (filed February 7, 2026)
  • Public notice on Benton’s website: February 19, 2026

The HHS OCR filing date (January 16) predates the public Oregon AG report by 3 weeks and the public website banner by ~5 weeks — Benton appears to have filed federal notice as soon as the vendor (TriZetto) provided the impacted-individual list.

No ransomware leak-site post or claim against Benton County government has been identified.

What was potentially exposed

Benton has not enumerated specific PHI categories in machine-readable form on its website (the vendor-incident text appears on the homepage banner only). Per the TriZetto pattern affecting other Oregon county health agencies:

  • Full name
  • Date of birth, address
  • Member ID number
  • Insurer name, coverage details
  • Social Security number (in some cases)

Because Benton routes claims through eligibility verification for clients across behavioral-health, addictions, public-health, and DD-services programs, the affected population likely cuts across these sensitive program lines, including mental health and substance-use service users.

No public confirmation of vaccine-record exposure.

What is being offered

Benton’s full notification letter and call-center details are not publicly indexed. If TriZetto is confirmed as the upstream vendor, the standard package routed through Kroll has been 12 months of credit monitoring and identity protection.

Read your specific notification letter for activation details.

What to do

  1. Watch for a Benton County Health notification letter if you are a behavioral health, addictions, public health, or DD services client.
  2. Read your letter carefully to confirm the vendor name and the data elements involved in your case.
  3. Place free credit freezes at Equifax, Experian, TransUnion as a baseline precaution.
  4. If your behavioral health or substance use treatment was in scope, consider whether 42 CFR Part 2 (federal protections for SUD records) gives you stronger re-disclosure protections than HIPAA.
  5. Stop the ongoing flow of your county health data through claims intermediaries. HealthConsent files HIPAA restriction requests covering insurance eligibility and claims-routing pathways.

Continue reading

Stop your data from spreading further

Credit monitoring covers your wallet. HealthConsent covers your health records.

Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.

Protect my health data

Cancel anytime · Family plan covers spouses + dependents

About this page

This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.