On October 11, 2024, Tri-City Medical Center, operating under the Tri-City Healthcare District, notified the Attorney General of Maine about a data breach involving unauthorized access to its computer network. The breach exposed sensitive information such as names, addresses, birthdates, Social Security numbers, medical records, health insurance details, and treatment costs. Following the incident, Tri-City initiated an investigation to assess the extent of the breach and began notifying affected individuals.
Based in San Diego, California, Tri-City Healthcare District oversees Tri-City Medical Center, a hospital located in Oceanside, CA, along with outpatient services and various specialty clinics, including orthopedics, primary care, and oncology. The organization employs over 2,100 people and generates approximately $329 million in revenue annually.
The breach was detected on November 9, 2023, when Tri-City identified unusual activity on its network. In response, the system was secured, and the incident was reported to law enforcement. A thorough investigation revealed that unauthorized access had occurred on November 8, 2023, involving files that contained sensitive patient information.
After confirming that confidential data had been exposed, Tri-City reviewed the compromised files to determine the extent of the impact. This review was completed on September 27, 2024. The affected information varied per individual but included personal details like Social Security numbers and medical records.
On October 11, 2024, Tri-City began sending out notification letters to those affected by the breach, outlining the specific information that had been compromised.
