Ko Kwel Wellness Center (KWC) is providing notice of a data security incident by Trizetto Provider Solutions (TPS), a third party vendor used by our electronic health record system OCHIN EPIC (OCHIN). While this incident affected some patients whose information was processed through that vendor, not all patients were impacted and KWC’s internal systems were not breached.
On October 2, 2025, TPS identified suspicious activity within a web portal used by certain TPS healthcare provider customers. Upon discovering the incident, TPS quickly launched an investigation and took steps to mitigate the issue. TPS also engaged external cybersecurity experts and notified law enforcement and is cooperating fully with their investigation.
Upon discovering the incident, TPS quickly launched an investigation and took steps to mitigate the issue. TPS also engaged external cybersecurity experts and notified law enforcement and is cooperating fully with their investigation. TPS determined that, beginning in November 2024, an unauthorized actor began accessing some of TPS records. The records accessed were related to health insurance eligibility transactions. A comprehensive review of the affected data was conducted to identify what information was involved and the individuals to whom the data was related to. TPS notified OCHIN on December 9, 2025, then OCHIN notified KWC on December 10, 2025.
As noted above, the incident was limited to TPS’s systems; neither KWC’s nor OCHIN’s internal systems were impacted.
The information involved varied by individual and may have included:
No payment card, bank account, or other financial information was involved. TPS cannot determine whether some or all of these data elements for any specific individual were accessed.
KWC remains steadfast in its commitment to providing high quality care while safeguarding the privacy and security of every patient’s information. Protecting those we serve is central to our mission. KWC will be sending its own letter to impacted patients. KWC is working closely with OCHIN to ensure appropriate safeguards are in place and to monitor vendor compliance with security requirements.
TPS has confirmed that the threat has been eliminated and, to help prevent similar incidents in the future, has implemented and continues to implement enhanced security protocols designed to strengthen the security of its services.
To help protect affected individuals, TPS is offering:
Affected individuals will receive a separate letter from Kroll beginning in February 2026 that includes instructions and a unique enrollment code. For more information about Kroll and the identity monitoring services Kroll provides, visit info.krollmonitoring.com.
Although there is no evidence of identity theft or fraud resulting from this incident, individuals are encouraged to remain vigilant by reviewing account statements and monitoring free annual credit reports at AnnualCreditReport.com.
Individuals may also contact the following credit reporting agencies. Any suspicious activity should be reported to your financial institutions immediately.
P.O. Box 1000 Chester, PA 19016
(877) 322-8228
transunion.com
P.O. Box 9532 Allen, TX 75013
(888) 397-3742
experian.com
P.O. Box 740241 Atlanta, GA 30374-0241
(866) 349-5191
equifax.com
TPS has established a dedicated toll free call center for questions about this incident. Individuals can call the dedicated, toll-free call center at (844) 572-2724 between 6 a.m. and 3:30 p.m. Pacific Standard time, excluding major U.S. holidays, for help with any of the following:
Individuals who believe they may have been impacted may also contact Ko‑Kwel Wellness Center at (541) 888-9494 between 8 a.m. and 5 p.m. Pacific Standard time Monday through Friday, excluding Tribal and major U.S. holidays.
You may also email us at PrivacyOfficer@coquilletribe.org. For your security, please DO NOT send any personal or confidential information to this email address.
KWC deeply regrets any inconvenience or concern this incident may cause. Protecting your information is of utmost importance, and we are committed to maintaining the privacy and security of your health information.
Who: TriZetto Provider Solutions (TPS), a third-party technology vendor for healthcare, suffered a breach exposing patient data.
What happened: Hackers accessed TPS’ web portals, stealing Protected Health Information (PHI) and Personally Identifiable Information (PII).
Impact: Affects many healthcare organizations, including Ko-Kwel Wellness Center and its patients/members; potential risk for identity theft.
Kroll’s Role: Kroll was hired by TPS to provide identity theft monitoring and restoration services to affected individuals, hence the connection in notifications. Affected patients will receive a separate letter from Kroll and/or TPS that includes a unique code and instructions to enroll in credit monitoring services.
No. Ko-Kwel Wellness Center (KWC) did not have a breach of its system. A vendor used by OCHIN, our Electronic Health Record System, to operate its billing services called TriZetto Provider Solutions (TPS) noticed their system was impermissibly accessed.
TPS became aware of suspicious activity within a web portal that some of its business partners use to access its systems.
October 2, 2025. TPS immediately investigated and fixed the issue. During its investigation TPS discovered the activity began in November 2024. TPS notified OCHIN on December 9, 2025 and OCHIN notified KWC on December 10, 2025.
KWC sent letters to patients whose information was involved. If you did not receive a letter and your address with us is up-to-date, your information was not involved.
Names, addresses, birthdates, Social Security numbers, health insurance member numbers (which, for some individuals, may be a Medicare beneficiary identifier), provider names, health insurer names, primary insured information, and other demographic, health, and health insurance information.
The incident DID NOT affect any payment card, bank account, or other financial information.
Ko-Kwel Wellness Center remains steadfast in its commitment to providing high quality care while safeguarding the privacy and security of every patient’s information. Protecting those we serve is central to our mission. We are working with OCHIN to help ensure appropriate security measures are in place and to monitor vendor compliance with security safeguards.
Even though KWC was not responsible for the breach, we are also reviewing our own processes to reduce the risk of something like this happening again.
TPS has assured us that after becoming aware of the incident, it immediately took additional protective measures to safeguard its systems and worked with leading cybersecurity experts to conduct a comprehensive investigation of the incident. TPS notified law enforcement and is cooperating with their investigation. TPS has eliminated the threat to the environment.
To help prevent similar incidents from happening in the future, TPS implemented and is continuing to implement additional security protocols designed to enhance the security of its services.
No. The fact that someone may have had access to your information doesn’t mean that you are a victim of identity theft or that your information will be used to commit fraud. We wanted to let you know about the incident so that you can take appropriate steps to protect yourself. The way to protect yourself is to place a fraud alert on your credit files, order your credit reports, and review them for possible problems.
The best way to find out is to order your credit reports from the three credit bureaus: Equifax, Experian, and Trans Union. If you notice accounts on your credit report that you did not open or applications for credit (“inquiries”) that you did not make, these could be indications that someone else is using your personal information without your permission.
No. You can order your credit reports from all three credit bureaus for free once a year. You can do this online at www.AnnualCreditReport.com, or by phone at 1 (877) 322-8228.
You can place a fraud alert on your credit files. Simply call any one of the three credit bureaus at the numbers provided below and follow the “fraud victim” instructions. The one you call will notify the others to place the alert.
You can also consider putting a freeze on your credit through each of the three credit bureaus (Experian, Equifax, and TransUnion) to restrict access to your credit report. Visit the credit bureaus’ websites for more information about credit freezes.
Although we have no evidence that any of your information has been subject to identity theft or fraud, you should always remain alert by regularly reviewing your account statements and monitoring free credit reports and immediately reporting to your banks and other financial institutions any suspicious activity involving your accounts.
We also encourage affected individuals to enroll in the identity monitoring services that Kroll will offer soon. A mailed letter from Kroll will includes instructions and a unique enrollment code.