OI A.I CyberSecurity Scoring
OI
Company Information
Website:http://www.theoncologyinstitute.com
Employees number:488
Number of followers:8,450
NAICS:621
Industry Type:Medical Practices
Homepage:theoncologyinstitute.com
OI Risk Score (AI oriented)
Between 600 and 649
OIMedical Practices
Updated:
28/05/2026
28/05/2026
636/1000
Poor
Caa
OI Global Score (TPRM)
xxxx
OIMedical Practices
Score locked

OIPoor
Current Score
636Caa (POOR)
01000
2 incidents
-69 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
641
JUNE 2026
637
MAY 2026
704
Breach
20 May 2026 • OI
TriZetto Provider Solutions and The Oncology Institute: Oncology Institute Discloses Data Breach
Cybersecurity Incident at The Oncology Institute Exposing Patient Data
635
CRITICAL-69
ONCTRI1779733617
Cybersecurity Incident at The Oncology Institute Confirmed to Expose Patient Data
The Oncology Institute (TOI), a leading oncology provider operating over 100 clinics across five states since 2007, has confirmed that a previously disclosed cybersecurity incident resulted in unauthorized access to patient information. The breach originated from a third-party software vendor, first reported to the SEC in November 2025, though the extent of the impact remained unclear at the time.
On May 20, 2026, Kroll, the vendor’s third-party administrator, notified TOI that the vendor had detected unauthorized access to TOI’s systems, including patient data. TOI stated in an SEC filing that the incident likely affected multiple healthcare providers, with the vendor establishing a patient portal for inquiries and disclosures.
While TOI has not named the vendor, the breach’s scope and timeline suggest TriZetto Provider Solutions a Cognizant-owned healthcare technology company as the likely source. TriZetto, which Kroll also represents, reported a separate breach earlier this year impacting 3.4 million individuals across its customer base.
No ransomware group has claimed responsibility for the attack, and the identity of the threat actors remains unknown. TOI has not provided further details on the number of affected patients or the specific data compromised. The incident adds to a growing trend of healthcare breaches, with recent disclosures affecting hundreds of thousands of individuals at other providers.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
703
MARCH 2026
702
FEBRUARY 2026
701
JANUARY 2026
700
DECEMBER 2025
699
NOVEMBER 2025
698
OCTOBER 2025
697
SEPTEMBER 2025
696
AUGUST 2025
695
JANUARY 2025
754
Breach
01 Jan 2025 • OI
Kroll and The Oncology Institute: Oncology Institute says third-party vendor breach compromised patient data
Cybersecurity Incident at The Oncology Institute Exposes Patient Data via Third-Party Vendor
686
CRITICAL-68
ONCKRO1779972089
Cybersecurity Incident at The Oncology Institute Exposes Patient Data via Third-Party Vendor
The Oncology Institute (TOI), a U.S.-based cancer treatment provider with over 100 clinics across California, Oregon, Nevada, Arizona, and Florida, disclosed that patient data was compromised in a 2025 cybersecurity incident involving a third-party software vendor.
The breach, first reported in an SEC filing on November 3, 2025, initially appeared to disrupt fee-for-service collections without evidence of patient data exposure. However, a subsequent update on May 20 revealed that threat actors accessed systems containing patient information, as confirmed by Kroll, the vendor’s third-party administrator.
TOI stated that its security protocols allowed operations to continue largely unaffected, and the company is collaborating with the vendor to provide credit monitoring and protection for impacted patients. The extent of the breach including the number of affected individuals and whether healthcare data was exposed remains undisclosed.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for OI ??
What was OI's A.I Rankiteo Cyber Score in June 2026 ??
What was OI's A.I Rankiteo Cyber Score in May 2026 ??
What was OI's A.I Rankiteo Cyber Score in April 2026 ??
What was OI's A.I Rankiteo Cyber Score in March 2026 ??
What was OI's A.I Rankiteo Cyber Score in February 2026 ??
What was OI's A.I Rankiteo Cyber Score in January 2026 ??
What was OI's A.I Rankiteo Cyber Score in December 2025 ??
What was OI's A.I Rankiteo Cyber Score in November 2025 ??
What was OI's A.I Rankiteo Cyber Score in October 2025 ??
What was OI's A.I Rankiteo Cyber Score in September 2025 ??
What was OI's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on OI's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with OI ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view OI's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?