Variety Care
Data Breach Class Action Lawsuit

Posted: January 15, 2026 -- Variety Care data breach class action lawsuit investigation.

Abington Cole + Ellery is investigating the data breach recently announced by Variety Care and may be filing a class action lawsuit on behalf of victims.

Variety Care Data Breach Summary:

In mid-January, 2025, Variety Care, an Oklahoma City based health center, disclosed a security incident involving unauthorized access to sensitive data, which took place or around November of 2024. Approximately 17,000 individuals were affected by the Variety Care data breach, and breached data may include, but is not necessarily limited to: name, address, date of birth, Social Security number, health insurance member numbers (including Medicare identifiers), insurer name, provider name, and other demographic/health/insurance information. As a result of the data breach, Variety Care is offering free credit monitoring and/or identity theft protection services to affected individuals.

FREE CONSULTATION: If you are a victim of the Variety Care data breach, and interested in potentially volunteering to serve as a class representative in a class action lawsuit against Variety Care, please submit your information here to be considered:

An attorney-client relationship is not formed by submitting information through this website.

Variety Care Data Breach Details:

Variety Care says the incident originated at TriZetto Provider Solutions (TPS), a third-party “business associate” that supports certain transactions for healthcare providers. According to the notice, TPS identified suspicious activity on October 2, 2025 involving a web portal that some provider customers use to access systems, and TPS began an investigation, brought in outside cybersecurity experts, and notified law enforcement. On the federal HHS breach portal, Variety Care’s incident is listed as a reported breach affecting 17,163 individuals, with a breach submission date of December 22, 2025, and a business associate involved.

As for what happened and how it happened, TPS concluded that an unauthorized actor had been accessing certain records tied to insurance eligibility verification transactions (used to check whether insurance coverage applies for services). Variety Care’s notice says this unauthorized access began in November 2024, and that the exposed data came from records connected to those eligibility transactions. Public-facing notices describe the portal activity and the data involved, but they do not specify the exact technical method (for example, the precise software flaw or credentials issue) that allowed the access.

Variety Care reports that the information potentially accessed varied by person and could include identifiers such as name, address, date of birth, Social Security number, health insurance member numbers (including Medicare identifiers), insurer name, provider name, and other demographic/health/insurance information, and it states that no payment card or bank account information was involved. In terms of notification timing, Variety Care says TPS began notifying affected providers on December 9, 2025, and that impacted patients would receive a mailed letter in January 2026; it also describes offered services through Kroll (with availability starting February 9, 2026 and an enrollment deadline of February 28, 2026).

The Variety Care Website may also have additional information about or provide periodic updates regarding the data breach.

About Variety Care:

Variety Care is a nonprofit community health center and federally qualified health center (FQHC) founded and headquartered in Oklahoma City, Oklahoma, providing outpatient health services through multiple sites and programs across the state (18 locations and service in 30 counties). Its services include primary medical care for adults and children as well as pediatrics, women’s health (including pregnancy/newborn care), behavioral health, dental and vision care, urgent care, lab services, and WIC nutrition support. Variety Care also notes that uninsured and underinsured patients may qualify for a sliding fee scale and that it can help people apply for coverage such as SoonerCare or Marketplace insurance. Variety Care’s current structure dates to a 2009 merger of Oklahoma Community Health Services and Variety Health Center, with the Variety Health Center tracing back to 1932.

Additional Information:

U.S. Department of Health & Human Services - Office for Civil Rights

For more information about steps you can take to possibly reduce the chances harm arising from a data breach, please review the following article: What are some steps you can take if you've been the victim of a data breach?

If you believe you are a victim of the Variety Care data breach, and if you would like to volunteer to serve as a class representative in a class action lawsuit regarding this data breach, please submit your information via the form on this webpage. This website is not associated with nor authorized by Variety Care or any affiliated companies. If you have received any other data breach notifications, you may to review Abington Cole + Ellery's current list of data breach investigations.