One Community Health Data Breach Lawsuit Investigation
On December 23, 2025, One Community Health began notifying patients that protected health information stored by its clearinghouse vendor TriZetto Provider Solutions had been accessed by an unauthorized party. If you received a letter, you may be entitled to compensation and identity-protection services. Use the resources below to understand your rights and next steps.
What Happened?
TriZetto discovered suspicious activity in a web portal used by healthcare providers on October 2, 2025. A forensic investigation confirmed that, between November 1, 2024 and October 2, 2025, an unauthorized individual accessed historical eligibility transaction reports containing One Community Health patient data.
Information Exposed
The data accessed varied by individual and did not include any payment card or bank information. According to the notice filed with the California Attorney General, the following data elements may have been involved:
- Name
- Address
- Date of birth
- Social Security number
- Health insurance member number (which may include Medicare beneficiary identifiers)
- Health insurance company name
- Primary insured or dependent information
- Other demographic, health, and health-insurance information
Key Dates
- Breach period: November 1, 2024 – October 2, 2025
- Incident discovered: October 2, 2025
- Consumer notices mailed: December 23, 2025
- Reported to CA Attorney General: January 8, 2026
Company Response
TriZetto, in coordination with One Community Health, took these actions:
- Engaged cybersecurity firm Mandiant to investigate
- Eliminated the threat and secured systems
- Notified law enforcement
- Implemented additional security safeguards
- Confirmed no further unauthorized activity after October 2, 2025
Steps You Can Take
One Community Health advises all affected individuals to:
- Review account statements and free credit reports for suspicious activity (annualcreditreport.com)
- Consider placing a fraud alert or security freeze with Equifax, Experian, or TransUnion
- Monitor health-insurance Explanation of Benefits for unrecognized services
Company Overview
One Community Health is a nonprofit healthcare provider headquartered in Sacramento, California. Founded in 1989, the organization delivers primary care, behavioral health, and supportive services to the community.
- Website: onecommunityhealth.com
- Headquarters: 1500 21st Street, Sacramento, CA, United States
- Industry: Healthcare
- Employees: 201–500
- Contact page: onecommunityhealth.com/contact/
- Social: Facebook • X/Twitter • LinkedIn • Instagram • YouTube
Frequently Asked Questions
I received a data breach letter from One Community Health — what should I do?
Follow the steps outlined in the notice: review credit reports, consider a fraud alert or security freeze, and monitor health-insurance statements. Contact the credit bureaus immediately if you spot suspicious activity.
How do I submit a claim related to the One Community Health data breach?
Individuals seeking compensation can consult with a data-breach attorney to explore class-action or individual claims. Keep your breach letter and any evidence of identity theft or expenses for documentation.
Am I eligible to join a lawsuit against One Community Health?
If your personal information was involved, you may qualify. Eligibility typically depends on proof of impact and residency; an attorney can provide specific guidance.
What information did the One Community Health breach expose?
Potentially exposed data include your name, address, date of birth, Social Security number, health-insurance details, and related demographic or health information.
Did One Community Health offer credit monitoring after the breach?
The notice recommends free credit reports and fraud protections but does not mention a complimentary credit-monitoring service.
How many people were affected by the One Community Health breach?
The Attorney General filing did not specify the total number of impacted individuals.
