/ Healthcare / By

ION Data Breach ExposedRocky Mountain Oncology Care sensitive information

Woman resting in bed wearing a scarf, using her phone during cancer treatment.

The Rocky Mountain Oncology Care data breach has raised major concerns for patients in Wyoming and beyond. After a phishing attack targeted Integrated Oncology Network (ION), which manages the facility, cybercriminals gained unauthorized access to private patient data. As a result, names, Social Security numbers, medical records, and financial details may now be at risk. Patients affected by the Rocky Mountain Oncology Care data breach should act quickly to protect their identities.

How the Rocky Mountain Oncology Care Data Breach Happened

The data breach occurred after a phishing email compromised ION’s internal systems between December 13 and December 16, 2024. During this window, attackers accessed sensitive information through email and SharePoint accounts. Once ION detected suspicious activity, the organization launched a detailed investigation and began reviewing the affected data to identify those impacted by the Rocky Mountain Oncology Care data breach.

Who Was Impacted by the Rocky Mountain Oncology Care Data Breach?

On June 27, 2025, ION began mailing notification letters to patients whose data was compromised in the Rocky Mountain Oncology Care data breach. If you received a letter, or if you’ve ever received treatment from Rocky Mountain Oncology Care, your private information could be at risk.

What Information Was Exposed in the Rocky Mountain Oncology Care Data Breach?

Through its review, ION discovered that the Rocky Mountain Oncology Care data breach exposed a wide range of personal details, including:

  • Full names

  • Dates of birth

  • Social Security numbers

  • Health insurance details

  • Financial account numbers

  • Medical data (diagnoses, lab results, provider names, treatment dates)

  • Residential addresses

This highly sensitive data can be exploited for identity theft, medical fraud, and financial scams.

What Should Patients Do After the Rocky Mountain Oncology Care Data Breach?

If you received a notification or suspect your information was involved:

  1. Review the statements received from their healthcare providers and health insurance plans. If you see any services that were not received, you should contact the provider or health plan immediately.

  2. Monitor your credit reports and bank accounts for suspicious activity.

  3. Place a fraud alert or security freeze with major credit bureaus.

  4. Take advantage of any free credit monitoring or identity theft protection offered in the letter.

  5. Contact a data breach attorney to understand your legal rights and options.

Taking these steps can help reduce your risk of identity theft and financial loss after the Rocky Mountain Oncology Care data breach.

Legal Help?

Have you recieved the data breach letter from ION?

We want to help you understand your options. Fill out the online form

Free Consultation

Links for more information

U.S Dept of Health and Humas Services

Notice of Breach published on ION 

Other Cancer Care Providers Affected in the ION Data Breach

Number of Individuals affected

10,268

Rocky Mountain Oncology Care

8,270

e+ Oncologics Louisiana, LLC

7,670

California Cancer Associates for Research and Excellence – Fresno

4,403

Mojave Radiation Oncology Medical Group

4,108

South Georgia Center for Cancer Care

3,159

PET Imaging of Tulsa

2,219

Arcadiana Radiation Therapy, LLC

1,935

PET Imaging of Dallas Northeast

1,808

PET Imaging of Sugar Land

1,236

PET Imaging of Houston Medical Center

936

Cancer Care Center of North Florida – Lake Butler