Cyber Incident Victim: Cancer Treatment Centers of America
Date: Mar 2021
Location: United States of America
Summary
An unauthorized party potentially accessed an employee email account at Cancer Treatment Centers of America, compromising information including patient names, medical data, and health insurance details, though financial records and Social Security numbers were unaffected. The organization responded by securing the breached account, implementing additional security measures, and notifying approximately 105,000 affected individuals to monitor their benefits statements for unusual activity while evaluating further security enhancements and reinforcing employee cybersecurity training.
Description
On January 28, 2021, Cancer Treatment Centers of America (CTCA) Midwestern Regional in Zion, Illinois, began notifying patients regarding a cybersecurity incident involving unauthorized access to an employee email account. The organization detected suspicious activity on the account and subsequently launched an investigation with assistance from a third-party forensics firm. The forensic analysis determined that an unauthorized party potentially accessed the email account between January 12 and January 18, 2021. The compromised account contained patient information including names, medical data, and health insurance details, though CTCA confirmed financial information and Social Security numbers were not exposed. Approximately 105,000 patients were affected by this breach. CTCA responded by immediately changing the compromised account’s password, rendering the previous credentials inoperable. The organization publicly disclosed the incident via a news release on March 19, 2021, over seven weeks after initiating patient notifications.

CTCA implemented additional security measures following the investigation and stated it was evaluating further enhancements to its cybersecurity posture. The organization committed to continuing employee education programs focused on recognizing and mitigating cybersecurity threats. Affected patients were advised to monitor their healthcare benefits statements for unfamiliar services and to contact their health plan providers regarding any unusual activity. No evidence of actual misuse of patient data was reported at the time of disclosure. The incident highlighted risks associated with email account compromises in healthcare settings, particularly the exposure of sensitive medical and insurance information. CTCA’s response emphasized credential remediation, procedural reviews, and workforce training as primary containment and prevention strategies.
