Option Care Health Data Breach Investigation
Option Care Health, Inc. was listed on the California Attorney General’s data security breach portal in April 2026 in connection with a reported hacking/IT incident. The public filing suggests certain personal and health information may have been involved, but detailed notice language was not publicly accessible in the materials reviewed. If you received a notice or believe your information may be affected, this page explains the key facts, practical next steps, and general legal rights. You can also fill out the form on this page to see whether Strauss Borrelli PLLC can evaluate your potential claim.
Option Care Health, Inc. is an Illinois-based company in the healthcare industry. A California regulatory filing lists the company in connection with a reported hacking/IT incident. Because the publicly accessible materials are limited, the summary below focuses on what the filing states and what affected individuals can do next.
Key Facts at a Glance
- Company: Option Care Health, Inc.
- Industry: Healthcare
- Incident type listed: Hacking/IT Incident
- Dates listed in filing: February 6, 2026 and February 9, 2026
- Public listing date: April 6, 2026
- Information reported as potentially involved: Name, date of birth, medical record number, and health records
- Reported information location: Email
- Affected individuals: Not stated in the available public filing
What Happened?
According to a California Attorney General filing, the company was listed in connection with a reported hacking/IT incident. The public listing appeared on April 6, 2026 and includes February 6 and February 9, 2026 as dates associated with the event. Detailed information from the official notice is not publicly accessible at this time; the document retrieval available in the source materials returned an unrelated California Department of Justice meetings page rather than a readable breach notice. For that reason, the information here is based on the regulatory filing and should be read as preliminary.
If you receive a direct letter or email, it may contain more specific information about whether your data was involved and what assistance, if any, is being offered.
What Information Was Exposed?
The filing indicates that the information potentially involved may have included a person’s name, date of birth, medical record number, and health records. The structured case information also identifies email as the reported location associated with the information. Because a full public notice was not available for review, readers should treat these items as reported data elements rather than a complete or final list.
When medical details and identifying information are implicated together, common concerns include medical identity theft, phishing, and misuse of account or billing information. Even without public confirmation of misuse, it is sensible to stay alert for unusual provider communications, insurance statements, or account activity.
What Should You Do Next?
- Save any notice you receive. Keep the letter or email and any attachments. It may explain what information was involved for you and whether any support services are available.
- Review medical and financial activity. Look over explanation-of-benefits statements, provider bills, and bank or card activity for anything you do not recognize.
- Secure related accounts. Update passwords for email and healthcare portals, especially if you reuse passwords, and enable multi-factor authentication where possible.
- Consider fraud protections. A fraud alert or credit freeze can help reduce the risk of new-account fraud if you are concerned about identity theft.
- Watch for scams. After a reported cyber incident, criminals sometimes send convincing follow-up emails or calls. Verify requests for personal information before responding.
- Learn about your options. If you think your information may have been involved, fill out the form on this page to see whether Strauss Borrelli PLLC can evaluate a potential claim.
Your Legal Rights
If personal or health information was involved in a reported security incident, you may have rights under state or federal law depending on the facts. In some cases, affected individuals may seek reimbursement for certain out-of-pocket losses, recover damages allowed by law, or participate in litigation asking the court for relief and improved data safeguards.
Because the full public notice was not available here, important details remain unknown, including the total number of people affected and whether any additional data elements were involved. That means any legal assessment must be based on the actual notice, your circumstances, and the evidence that becomes available over time.
Why Hire Strauss Borrelli PLLC?
Strauss Borrelli PLLC has experience representing consumers in data breach and privacy matters and understands how reported cybersecurity incidents can affect both financial and medical privacy. Our firm follows regulatory filings closely, investigates what companies disclose, and helps clients understand whether a claim may be worth pursuing. If you received a notice tied to this reported incident, contact us using the form provided to request a review.
If you received a breach notification letter from Option Care Health:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
Frequently Asked Questions
Did Option Care Health report a data incident?
A California Attorney General filing lists Option Care Health, Inc. in connection with a reported hacking/IT incident. The public materials reviewed did not include a detailed notice, so the filing is the main public source currently available.
What information may have been involved in the Option Care Health incident?
The available filing indicates that the information potentially involved may have included name, date of birth, medical record number, and health records. The structured reporting also identifies email as the location associated with the information.
How can I tell whether I was affected?
The clearest way to know whether you were affected is to review any direct notice from Option Care Health, Inc. or a related vendor. If you receive a letter or email, keep it because it may identify the data involved and any services being offered.
What should I do if I receive a notice about this incident?
If you receive a notice, keep a copy, review which data elements were listed for you, monitor medical and financial accounts, update passwords, and consider fraud alerts or a credit freeze. If you want to understand your legal options, you can contact Strauss Borrelli PLLC.
Was the number of affected people disclosed?
The public filing reviewed here did not state how many people may have been affected. That detail may appear later in a direct notice or updated regulatory materials.
