What Happened
In February 2026, Terry Reilly Health Services disclosed that patient data was exposed as a downstream impact of the TriZetto Provider Solutions breach, which reached Terry Reilly through OCHIN.
The compromised data includes names, addresses, SSNs, and health data. This illustrates how supply chain compromises cascade through multiple layers of healthcare IT providers.
Timeline
- November 2024 — TriZetto Provider Solutions breach begins
- October 2025 — TriZetto breach detected
- February 2026 — Terry Reilly Health Services notifies patients of exposure through TriZetto/OCHIN supply chain
Impact and Risk Assessment
For Individuals
Patients had SSNs and health data exposed through a supply chain they likely had no awareness of.
The multi-tier nature of the breach means extended notification timelines, with patients learning of the exposure well after the initial compromise.
For Organisations
Terry Reilly must manage patient notification for a breach originating two tiers removed in its supply chain.
OCHIN, as an intermediary, also faces scrutiny over its vendor management of TriZetto.
Regulatory Context
HIPAA breach notification requirements apply at each tier of the supply chain. Each entity must notify its own patients or downstream partners.
What Should You Do?
For Individuals
- If you receive care from Terry Reilly Health Services, take advantage of any credit monitoring offered and monitor your credit reports.
For Security Professionals
- Map your entire data supply chain, including fourth-party relationships. Understand where patient data flows through third and fourth parties.
- Include supply chain breach scenarios in your incident response planning.
Learnings and Recommendations
This incident demonstrates multi-tier supply chain risk: TriZetto was breached, which affected OCHIN, which in turn affected Terry Reilly's patients. Each link in the chain added delay to notification.
Healthcare organisations should map their entire data supply chain and understand where patient data flows through third and fourth parties.
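
One way to start the mapping recommended above, as an added example that is not from any of the organisations involved: a Python walk over a data-flow inventory that reports how many tiers away each party sits and which data categories reach it. Only the Terry Reilly, OCHIN, TriZetto chain comes from this article; the per-edge categories, the "Example Billing Co" vendor and the function names are constructed for illustration.

```python
from collections import deque

# Constructed inventory: (sender, receiver, data categories shared).
# Only the Terry Reilly -> OCHIN -> TriZetto chain is from the article; the
# per-edge categories and "Example Billing Co" are assumptions.
ALL = {"name", "address", "ssn", "health"}
FLOWS = [
    ("Terry Reilly", "OCHIN", ALL),
    ("OCHIN", "TriZetto", ALL),
    ("Terry Reilly", "Example Billing Co", {"name", "address"}),
]

def downstream_exposure(org, flows):
    """Map each party holding org's data to (tier, categories).
    Tier 1 is a direct vendor (third party), tier 2 a fourth party."""
    out = {}
    for src, dst, cats in flows:
        out.setdefault(src, []).append((dst, set(cats)))
    seen = {}
    queue = deque([(org, 0, None)])
    while queue:
        node, tier, held = queue.popleft()
        for dst, cats in out.get(node, []):
            # A party can only pass on categories it received itself.
            passed = cats if held is None else cats & held
            if not passed or dst == org:
                continue
            if dst not in seen:
                seen[dst] = [tier + 1, set(passed)]  # BFS: first visit is the shortest path
            elif passed <= seen[dst][1]:
                continue  # nothing new arrives via this path (also stops cycles)
            else:
                seen[dst][1] |= passed
            queue.append((dst, tier + 1, passed))
    return {party: (t, c) for party, (t, c) in seen.items()}

def affected_by(breached, flows):
    """Every organisation whose data reaches the breached party, with tier and categories."""
    result = {}
    for org in {src for src, _, _ in flows}:
        hit = downstream_exposure(org, flows).get(breached)
        if hit:
            result[org] = hit
    return result

if __name__ == "__main__":
    for org, (tier, cats) in sorted(affected_by("TriZetto", FLOWS).items()):
        print(f"{org}: TriZetto is {tier} tier(s) downstream, holds {sorted(cats)}")
```

Running `affected_by` against each vendor in a real inventory gives the list of upstream organisations that would need to be notified if that vendor were breached, which is the input a supply chain incident response scenario needs.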