0001799191 2026-05-20 2026-05-20 0001799191 TOI:CommonStockParValue0.0001Member 2026-05-20 2026-05-20 0001799191 TOI:RedeemableWarrantsEachWholeWarrantExercisableForOneShareOfCommonStockEachAtExercisePriceOf11.50PerShareMember 2026-05-20 2026-05-20 false 0001799191 8-K 2026-05-20 THE ONCOLOGY INSTITUTE, INC. DE 001-39248 84-3562323 18000 Studebaker Road Suite 800 Cerritos CA 90703 (562) 735-3226 false false false false Common stock, par value $0.0001 TOI NASDAQ Redeemable warrants, each whole warrant exercisable for one share of Common stock, each at an exercise price of $11.50 per share TOIIW NASDAQ false on November 6, 2025, regarding a cybersecurity incident affecting a software service provider (“Vendor”) utilized by the Company. At the time of the prior voluntary disclosure, the Vendor had indicated that investigation was still ongoing and it could not yet confirm any evidence that any patient personal information was compromised as a result of this incident. However, <span class="xdx_phnt_RGlzY2xvc3VyZSAtIE1hdGVyaWFsIEN5YmVyc2VjdXJpdHkgSW5jaWRlbnQgRGlzY2xvc3VyZQA_" id="xdx_90D_ecyd--MaterialCybersecurityIncidentInformationNotAvailableOrUndeterminedTextBlock_c20260520__20260520_zg2BTwGL9zS8">on May 20, 2026, Kroll, who is the third-party administrator for the Vendor, notified the Company that the Vendor had detected unauthorized access by a third party to certain information systems of the Company, including systems affecting data of patients.</span> The Company believes that the cybersecurity incident has affected various other healthcare service providers, and the Vendor has set up a patient portal through which it intends to provide information and responses to inquiries. on May 20, 2026, Kroll, who is the third-party administrator for the Vendor, notified the Company that the Vendor had detected unauthorized access by a third party to certain information systems of the Company, including systems affecting data of patients. Because of the Company’s technology security and continuity plan, the Company worked swiftly in response, and its operations have continued in all material respects since the detection of the incident. The Company remains committed to protecting the healthcare and other personal information of its patients and will work with the Vendor to offer credit monitoring and protection to all impacted patients. The Company is reserving all rights with respect to potential claims against relevant third parties or service providers. Although the Company’s investigation and assessment remain ongoing, as of the date of this filing, the Company believes that the incident has not had a material impact on the Company’s operations, financial systems, or its quality of care to its patients, and the Company is currently evaluating any other material impact, if any, including on its financial condition or results of operations.