Tri-City Cardiology Consultants Data Breach 2025: 22,753 Patients Exposed in Phoenix Network Intrusion
Tri-City Cardiology Consultants, P.C., a Phoenix-area cardiology practice, identified an attempted infiltration of its computer network on April 6, 2025. Names, health insurance information, and protected health information for 22,753 individuals may have been viewed or obtained. The practice filed a HIPAA breach notification with HHS OCR on May 8, 2025.
You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.
Timeline
Apr 6, 2025
Attempted infiltration of Tri-City Cardiology's computer network identified; immediate action taken to secure the network
May 8, 2025
HIPAA breach notification filed with HHS Office for Civil Rights reporting 22,753 affected individuals (Hacking/IT Incident, Network Server)
May 13, 2025
Strauss Borrelli PLLC publishes investigation notice for affected individuals
May 19, 2025
HIPAA Journal publishes coverage of the breach disclosure
Apr 6, 2025
Attempted infiltration of Tri-City Cardiology's computer network identified; immediate action taken to secure the network
May 8, 2025
HIPAA breach notification filed with HHS Office for Civil Rights reporting 22,753 affected individuals (Hacking/IT Incident, Network Server)
May 13, 2025
Strauss Borrelli PLLC publishes investigation notice for affected individuals
May 19, 2025
HIPAA Journal publishes coverage of the breach disclosure
Data exposed
01
High-risk identity
Enables financial + identity theft
03
Contact & insurance
Phishing + targeted scams
Class actions filed by
These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.
Your action plan, in five steps.
You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.
01
Accept credit monitoring
It’s the floor of the response. Take it.
02
Freeze your credit
Free at Equifax, Experian, TransUnion.
03
File IRS Form 14039
Prevent fraudulent tax return under your SSN.
04
Review your EOBs
Insurance statements catch medical identity theft early.
05
Stop the ongoing flow
Credit monitoring doesn’t cover your health records. HealthConsent does.
Tri-City Cardiology Consultants, P.C., a Phoenix-area cardiology medical group that operates ten Arizona locations and specializes in cardiology, electrophysiology, interventional cardiology, and vascular medicine, identified an attempted infiltration of its computer network on or around April 6, 2025. On May 8, 2025, the practice filed a HIPAA breach notification with the U.S. Department of Health and Human Services Office for Civil Rights, reporting 22,753 affected individuals in a Hacking/IT Incident at the Network Server.
The entity stated that while no evidence indicated the network was accessed specifically to obtain patient data, an unauthorized third party may have viewed or obtained names, health insurance information, and protected health information. Tri-City Cardiology confirmed that Social Security numbers were not compromised. Complimentary credit monitoring and identity theft protection were offered to affected individuals out of an abundance of caution.
Timeline
- April 6, 2025 — Attempted infiltration of Tri-City Cardiology’s computer network is identified. The practice takes immediate action to secure its network and prevent further unauthorized access.
- May 8, 2025 — Tri-City Cardiology files a HIPAA breach notification with HHS OCR reporting 22,753 affected individuals, categorized as a Hacking/IT Incident at the Network Server.
- May 13, 2025 — Strauss Borrelli PLLC publishes a public investigation notice inviting affected individuals to contact the firm regarding potential legal remedies.
- May 19, 2025 — HIPAA Journal publishes coverage of the disclosure, confirming the 22,753 count and the categories of data potentially involved.
- 2025–2026 — Federman & Sherwood and Strauss Borrelli continue plaintiff-side investigations; no consolidated class action has been publicly reported in the sources reviewed.
What was exposed
According to the entity’s disclosure as summarized by HIPAA Journal:
- Names
- Health insurance information
- Protected health information (categories not individually itemized)
The practice explicitly stated that Social Security numbers were not compromised. The HHS OCR portal entry categorizes the incident as a Hacking/IT Incident affecting a Network Server, but it does not enumerate specific data elements. No ransomware group has publicly claimed responsibility, and no leak-site posting referencing Tri-City Cardiology has been independently reported.
What the entity is offering
Tri-City Cardiology offered complimentary credit monitoring and identity theft protection services to affected individuals, per the entity’s statement. Enrollment instructions are provided in the individual notification letters. As of the last update to this page, the duration of the offering and the name of the monitoring vendor have not been independently confirmed in publicly available sources.
Class-action and regulatory posture
The HHS OCR investigation remains open on the federal breach portal. No consolidated class-action lawsuit has been publicly reported in the sources reviewed as of this update. Two plaintiff-side firms have publicly opened investigations:
- Strauss Borrelli PLLC — investigation notice published May 13, 2025.
- Federman & Sherwood — investigation notice posted to the firm’s blog.
Affected individuals considering legal options should be aware that opening an investigation is not the same as filing a complaint. No case caption, case number, or court has been publicly identified for Tri-City Cardiology breach litigation in the materials reviewed.
A separate, unrelated False Claims Act matter involving Tri-City Cardiology and three of its physicians was announced by the U.S. Department of Justice in March 2026, resulting in a $4.75M settlement over allegations of medically unnecessary vein ablations between 2017 and 2022. That matter is not related to the 2025 data breach but is mentioned here because press coverage occasionally conflates the two.
What to do if you may be affected
- Watch for a notification letter at the address on file with Tri-City Cardiology Consultants. The letter will identify the data elements specific to you and provide the enrollment code for the complimentary monitoring service.
- Enroll in the offered credit monitoring. Even though Social Security numbers were reportedly not compromised, monitoring remains useful for catching medical-identity-theft activity tied to your health insurance information.
- Freeze your credit with Equifax, Experian, and TransUnion. It is free, reversible, and the single highest-leverage protection against identity theft regardless of which data elements were exposed.
- Review your Explanations of Benefits. Because health insurance information was potentially exposed, scrutinize every EOB from your health plan for services you did not receive and report anomalies to your insurer immediately.
- Be alert to targeted phishing. Threat actors who hold name and health-insurance context can craft convincing follow-on lures purporting to come from Tri-City Cardiology, your insurer, or a “settlement administrator.” Verify any such outreach directly with the practice or your insurer using a number you obtain independently.
Sources
- HHS Office for Civil Rights Breach Portal — federal regulatory record (filing dated 2025-05-08, 22,753 individuals, Hacking/IT Incident, Network Server).
- HIPAA Journal — Tri-City Cardiology Consultants & Northeast Georgia Health System Announce 21K+ Record Data Breaches — discovery date, affected count, data categories, credit-monitoring offer.
- Strauss Borrelli PLLC — Tri-City Cardiology Data Breach Investigation — plaintiff-side investigation notice and practice background.
- Federman & Sherwood — Tri-City Cardiology Consultants, P.C. Data Breach Investigation — second plaintiff-side investigation notice.
- ClaimDepot — Tri-City Cardiology Consultants Data Breach Affects 22,753 Patients — disclosure timeline and aggregated breach summary.
- Becker’s ASC — Arizona cardiology group suffers data breach affecting 22,000 — established trade-press confirmation of scope and entity.
Credit monitoring covers your wallet. HealthConsent covers your health records.
Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.
Protect my health dataCancel anytime · Family plan covers spouses + dependents
Sources & further reading
- HHS Office for Civil Rights Breach Portal
- HIPAA Journal — Tri-City Cardiology Consultants & Northeast Georgia Health System Announce 21K+ Record Data Breaches
- Strauss Borrelli PLLC — Tri-City Cardiology Data Breach Investigation
- Federman & Sherwood — Tri-City Cardiology Consultants, P.C. Data Breach Investigation
- ClaimDepot — Tri-City Cardiology Consultants Data Breach Affects 22,753 Patients
- Becker's ASC — Arizona cardiology group suffers data breach affecting 22,000
Official HHS OCR Breach Portal: ocrportal.hhs.gov
About this page
This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.