Healthcare data breaches
Healthcare data breaches can result from hacking, data theft, loss or unauthorized access. Whatever the cause, these breaches can potentially jeopardize patient privacy by exposing protected health information. Understanding the latest data breach patterns can help healthcare organizations mitigate risk.
Top Stories
-
News
10 Jul 2024
Change Healthcare publishes data breach notice
Change Healthcare has begun mailing data breach notification letters to affected individuals. Continue Reading
-
News
09 Jul 2024
HSA administrator discloses healthcare data breach
In an SEC filing, HealthEquity disclosed a healthcare data breach that stemmed from unauthorized access to a business partner’s user account. Continue Reading
-
News
04 Jan 2023
Arkansas Hospital Notifies Patients of Healthcare Data Breach
As the new year begins, healthcare data breach reports continue to roll in. Continue Reading
-
News
03 Jan 2023
Louisiana Health System Notifies 270K of Healthcare Data Breach
Lake Charles Memorial Health System in Louisiana recently notified patients of a healthcare data breach that occurred in October. Continue Reading
-
News
23 Dec 2022
MultiCare Notifies 23K of Third-Party Breach
MultiCare Health System in Washington suffered a third-party data breach that originated at its mailing service provider, Kaye-Smith. Continue Reading
-
News
22 Dec 2022
Third-Party Data Breach Impacts 271K at Oklahoma Healthcare Administrative, Tech Services Company
Avem Health Partners said it was evaluating its vendor relationships after a third-party data breach potentially exposed patient information. Continue Reading
-
News
19 Dec 2022
GA Health System Reports Healthcare Data Breach
Emory Healthcare (EHC), Epic Management, and NYC Health + Hospitals recently disclosed healthcare data breaches. Continue Reading
-
News
15 Dec 2022
CMS Responds to Third-Party Data Breach Impacting 254K Medicare Beneficiaries
Initial investigations into the third-party data breach suggest that Healthcare Management Solutions “acted in violation of its obligations to CMS,” the agency stated. Continue Reading
-
News
13 Dec 2022
CA Hospital Notifies Patients of Healthcare Data Breach
An unauthorized party accessed San Gorgonio Memorial Hospital’s network and copied some files, resulting in a healthcare data breach. Continue Reading
-
News
12 Dec 2022
CareFirst Administrators Impacted By Phishing Scam at RCM Vendor
CareFirst Administrators notified more than 14,000 individuals of a phishing scam that impacted Conifer, its revenue cycle management vendor. Continue Reading
-
News
05 Dec 2022
CommonSpirit Ransomware Attack Impacted Patient Data at Virginia Mason Franciscan Health
CommonSpirit issued a breach notice to patients of Virginia Mason Franciscan Health in Washington state following a large-scale ransomware attack. Continue Reading
-
News
01 Dec 2022
Latest Healthcare Data Breaches Impact Providers Across the Country
Recent healthcare data breaches impacted Dallam Hartley Counties Hospital District in Texas, Mena Regional Health System in Arkansas, and more. Continue Reading
-
News
29 Nov 2022
Third-Party Data Breach Impacts 119 Pediatric Practices, 2.2M Patients
The healthcare data breach occurred at Connexin Software, a provider of pediatric-specific health IT solutions. Continue Reading
-
News
28 Nov 2022
Community Health Network Notifies 1.5M of Data Breach Stemming From Tracking Tech
The health system used third-party tracking technologies to track user trends, but later discovered that the tools were collecting more information than the health system “had ever intended.” Continue Reading
-
News
22 Nov 2022
Healthcare Data Breach At PA Rehab Center Impacts 130K
Along with Gateway Rehabilitation Center, University Medical Center of Southern Nevada and Yakima Neighborhood Health Services also reported healthcare data breaches recently. Continue Reading
-
News
14 Nov 2022
Latest Healthcare Data Breaches Have Varying Impacts on Health Data
The latest string of healthcare data breach notifications includes breaches at a New York police union, a California post-acute care facility, and a Colorado FQHC. Continue Reading
-
News
10 Nov 2022
Most EHRs Back Online at CommonSpirit Health Following Ransomware Attack
In its most recent update about the October ransomware attack, CommonSpirit Health assured patients that the majority of impacted providers have regained access to EHR systems. Continue Reading
-
News
09 Nov 2022
Louisiana Corrections Department Suffers Third-Party Data Breach, 85K Impacted
The third-party breach originated at CorrectCare and potentially exposed the information of inmates who received care between 2013 and 2022. Continue Reading
-
News
04 Nov 2022
OakBend Medical Center Provides Healthcare Data Breach Notice
OakBend confirmed that the healthcare data breach resulted in data encryption and exfiltration. Continue Reading
-
News
03 Nov 2022
St. Luke’s Health Suffers Third-Party Data Breach, Unrelated to CommonSpirit Attack
Texas-based St. Luke’s Health notified nearly 17,000 individuals of a third-party vendor data breach that originated at Adelanto Healthcare Ventures, a consulting services vendor. Continue Reading
-
News
02 Nov 2022
Eye Care Leaders Data Breach Impacts 15K at Oklahoma Eye Care Practice
The Eye Care Leaders data breach tally continues to grow nearly one year after the incident was first discovered. Continue Reading
-
News
28 Oct 2022
Michigan Medicine Notifies 33K Patients of Phishing Attack
Four Michigan Medicine employees fell victim to the phishing attack, enabling unauthorized access to their email accounts. Continue Reading
-
News
27 Oct 2022
Healthcare Data Breach at GA Cardiology Practice Impacts 71K
The healthcare data breach at Ascension St. Vincent’s Coastal Cardiology impacted recently acquired legacy systems. Continue Reading
-
News
25 Oct 2022
NM Radiology Practice Health Data Breach Results in PHI Exposure
New Mexico-based Radiology Associates of Albuquerque discovered a health data breach in August 2021 that involved unauthorized access to patient PHI. Continue Reading
-
Answer
24 Oct 2022
Ransomware Attack Has Varying Impacts Across CommonSpirit Facilities
CommonSpirit Health is still recovering from a ransomware attack that impacted multiple facilities across the health system. Continue Reading
-
News
20 Oct 2022
3M Advocate Aurora Health Patients Face PHI Exposure Tied to Tracking Pixels
Advocate Aurora Health discontinued its use of tracking pixels after discovering that they potentially resulted in patient PHI exposure. Continue Reading
-
News
17 Oct 2022
Healthcare Data Breach Impacts 13 Anesthesia Providers, 380K Individuals
Healthcare data breach notifications for this incident have been sparse, but more than 380,000 individuals were impacted. Continue Reading
-
News
17 Oct 2022
Keystone Health Data Breach Impacts PHI of 235K Individuals
Pennsylvania-based Keystone Health discovered a data breach in August that potentially impacted more than 235,000 individuals. Continue Reading
-
News
13 Oct 2022
CommonSpirit Updates Patients, Confirms Ransomware Attack
CommonSpirit confirmed that the IT security incident it has been dealing with for the past week was a ransomware attack. Continue Reading
-
News
13 Oct 2022
PA Dermatology Practice Suffers Healthcare Data Breach, 33K Impacted
Aesthetic Dermatology Associates, Family Medicine Shady Grove, and Cardiac Imaging Associates all recently disclosed healthcare data breaches. Continue Reading
-
News
12 Oct 2022
Hospitals Continue to Suffer Impacts of CommonSpirit IT Security Incident
IT outages, appointment cancellations, and suspended patient portal access remain challenges for hospitals across the country as CommonSpirit deals with a cyberattack. Continue Reading
-
News
10 Oct 2022
Cancer Testing, Diagnostics Lab Suffers Phishing Attack, 244K Impacted
CSI Laboratories suffered a phishing attack on one employee email account that impacted 244,850 individuals. Continue Reading
-
News
07 Oct 2022
Data Security Incident Exposes PHI For Over 1K Zomo Health Members
In addition to Zomo Health’s recent data security incident, Northern California Fertility Medical Center reported a recent healthcare data breach. Continue Reading
-
News
05 Oct 2022
CommonSpirit Health Suffers IT Outages, EHR Downtime at Multiple Hospitals
Multiple hospitals within the CommonSpirit Health system, one of the nation’s largest nonprofit healthcare systems, are reporting IT outages and EHR downtime. Continue Reading
-
News
04 Oct 2022
Anthem MaineHealth Suffers Third-Party Data Breach, 13K Impacted
The third-party data breach involved unauthorized access to some PHI at Choice Health, an Anthem MaineHealth vendor. Continue Reading
-
News
30 Sep 2022
Magellan Health Settles Healthcare Data Breach Lawsuit For $1.43M
The healthcare data breach lawsuit stemmed from a 2019 phishing attack at Magellan Health that impacted 273,000 individuals. Continue Reading
-
News
29 Sep 2022
Primary Care Clinic Network Suffers Healthcare Data Breach, 233K Impacted
A Texas-based network of primary care clinics, Family Health Centers, suffered a healthcare data breach involving unauthorized access to some PHI. Continue Reading
-
News
21 Sep 2022
IA Eye Clinic Adds 543K to Eye Care Leaders Data Breach Tally
The Eye Care Leaders data breach, which has already impacted more than 2 million individuals, has also affected nearly 543K people at Iowa-based Wolfe Eye Clinic. Continue Reading
-
News
20 Sep 2022
NY Ambulance Service Suffers Healthcare Data Breach, 318K Impacted
In addition to Empress EMS, Lubbock Heart & Surgical Hospital, Medical Associates of the Lehigh Valley, and more reported healthcare data breaches recently. Continue Reading
-
News
19 Sep 2022
OakBend Medical Center Confirms Data Theft Following Ransomware Attack
OakBend Medical Center is working to rebuild its communication systems after a ransomware attack forced the Texas hospital to take its systems offline. Continue Reading
-
News
13 Sep 2022
Law Firm Confirms Data Security Incident, 255K Impacted
As previously reported, the data security incident at law firm Warner Norcross & Judd impacted 120,000 Priority Health members. Continue Reading
-
News
09 Sep 2022
Alabama Women’s Health Center Suffers Data Breach, 34K Impacted
A bad actor hacked an employee email account at Henderson & Walton Women’s Center, P.C., resulting in a data breach. Continue Reading
-
News
07 Sep 2022
Additional Orgs Report Aftermath of OneTouchPoint Data Breach
The OneTouchPoint data breach tally continues to grow as more healthcare organizations submit individual breach reports to OCR. Continue Reading
-
News
01 Sep 2022
CorrectHealth Suffers Email Account Data Breach, 54K Impacted
CorrectHealth, First Street Family Health, and Gifted Healthcare all disclosed data breaches recently. Continue Reading
-
News
29 Aug 2022
Baton Rouge General Confirms Healthcare Data Breach
Baton Rouge-based General Health System confirmed that an unauthorized party accessed its network in June, resulting in a healthcare data breach. Continue Reading
-
News
26 Aug 2022
Karakurt Ransomware Group Targets Methodist McKinney Hospital in Cyberattack
Early reports indicated that Karakurt ransomware group posted Methodist McKinney Hospital patient data on the dark web after executing a cyberattack. Continue Reading
-
News
24 Aug 2022
CA Department of Corrections Suffers Healthcare Data Breach
IT professionals discovered the healthcare data breach during routine maintenance and later found that it potentially impacted COVID-19 testing data. Continue Reading
-
News
19 Aug 2022
Ransomware Attack at Lamoille Health Partners Impacts 59K
The June ransomware attack resulted in some of Lamoille Health Partners' files being locked. Continue Reading
-
News
17 Aug 2022
NY Billing Company Suffers Ransomware Attack, 942K Impacted
New York billing company Practice Resources, LLC disclosed a ransomware attack that impacted 942,000 individuals and 26 healthcare organizations. Continue Reading
-
News
16 Aug 2022
Several Orgs Impacted by Email Security Breach at RCM Vendor
An email security breach at RCM vendor Conifer Revenue Cycle Solutions potentially exposed PHI at several healthcare organizations. Continue Reading
-
News
11 Aug 2022
Third-Party Mailing Error Exposes 37K SSNs at Sound Health and Wellness Trust
A third-party mailing error originating at Zenith American Solutions exposed the Social Security numbers of 37,000 individuals associated with Sound Health and Wellness Trust. Continue Reading
-
News
10 Aug 2022
120K Priority Health Members Impacted By Third-Party Data Breach
Michigan-based health plan Priority Health notified approximately 120,000 individuals of a third-party data breach that originated at the law firm Warner Norcross & Judd. Continue Reading
-
News
08 Aug 2022
Neurology Practice Notifies 363K of Data Breach, PHI Released on Dark Web
Indiana-based Goodman Campbell Brain and Spine notified nearly 363,000 individuals of a data breach that resulted in PHI being posted on the dark web. Continue Reading
-
News
04 Aug 2022
Oklahoma Home Health Company Reports Email Security Breach, 21K Impacted
Healthback Holdings reported an email security breach, and the City of Newport, Rhode Island and Minuteman Senior Services also reported recent breaches. Continue Reading
-
News
03 Aug 2022
Geisinger, Kaiser Permanente, 35 Others Impacted By Third-Party Vendor Data Breach
Third-party mailing and printing vendor OneTouchPoint reported a breach that impacted 37 healthcare organizations, including Anthem ACE, Geisinger, and Kaiser Permanente. Continue Reading
-
News
02 Aug 2022
Phishing Attack at Allegheny Health Network Impacts 8K
Allegheny Health Network suffered a phishing attack in June that led to potential PHI exposure for around 8,000 patients. Continue Reading
-
News
01 Aug 2022
PracticeMax Ransomware Attack Impacts 258K at FL Urgent Care Center
Fast Track Urgent Care Center began notifying 258,411 individuals of the 2021 PracticeMax ransomware attack that resulted in unauthorized data access. Continue Reading
-
News
29 Jul 2022
Healthcare Orgs Continue to Report Impacts Of Recent Third-Party Data Breaches
Healthcare organizations continue to report the impacts of various third-party data breaches, including incidents at Eye Care Leaders, Netgain, and the Medical Review Institute of America. Continue Reading
-
News
29 Jul 2022
Avamere Health Services Data Breach Impacts 96 Practices, At Least 380K
Avamere Health Services, a group of independently-owned post-acute care companies, reported a data breach that impacted 96 practices and at least 380K individuals. Continue Reading
-
News
28 Jul 2022
Stolen iPad Leads to Potential PHI Exposure at Kaiser Permanente
Kaiser Foundation Health Plan, Blue Shield of California, and Clinivate all experienced healthcare data breaches leading to potential PHI exposure recently. Continue Reading
-
News
25 Jul 2022
BCBS of Massachusetts Reports Third-Party Vendor Data Breach
Blue Cross and Blue Shield (BCBS) of Massachusetts reported a third-party vendor data breach involving its pension plan payment vendor. Continue Reading
-
News
13 Jul 2022
Highmark Health, WellDyneRx, Others Report Healthcare Data Breaches
WellDyneRx, Highmark Health, Carolina Behavioral Health Alliance, and two others disclosed healthcare data breaches recently. Continue Reading
-
News
12 Jul 2022
VCU Health Notifies Patients of Transplant Donor, Recipient PHI Data Breach
VCU Health, Phoenixville Hospital, and Family Practice Centers all reported PHI data breaches recently. Continue Reading
-
News
08 Jul 2022
WI, GA, LA Hospitals Confirm Recent Healthcare Cyberattacks
Jack Hughston Memorial Hospital, Baton Rouge General, and Southwest Health Center all reported recent healthcare cyberattacks. Continue Reading
-
News
06 Jul 2022
Vendor Ransomware Attack Impacts 660 Healthcare Organizations
Accounts receivable management agency Professional Finance Company (PFC) suffered a ransomware attack that impacted 660 of its healthcare organization clients. Continue Reading
-
News
30 Jun 2022
Two Healthcare Orgs Suffer Email Data Breaches, ECL Breach Tally Rises
Covenant Care California and Bergen’s Promise each reported email data breaches, and the Eye Care Leaders (ECL) breach tally continues to rise. Continue Reading
-
News
24 Jun 2022
MCG Health Data Breach Impacts 8 Organizations, 793K Individuals
At least 8 organizations and 793,283 individuals were impacted by a third-party data breach stemming from MCG Health. Continue Reading
-
News
23 Jun 2022
UPMC Reaches $450K Settlement in Healthcare Data Breach Lawsuit
University of Pittsburgh Medical Center (UPMC) and its legal counsel faced a lawsuit over their handling of a 2020 healthcare data breach. Continue Reading
-
News
22 Jun 2022
Yale New Haven Hospital Research File Implicated in Healthcare Data Breach
Yale New Haven Hospital, Express Scripts, and Alliance Physical Therapy Group all disclosed separate healthcare data breaches recently. Continue Reading
-
News
21 Jun 2022
2 Texas Hospitals Infected With Malicious Code May Face PHI Exposure
Baptist Medical Center and Resolute Health Hospital informed patients that their network was infected with malicious code in April, potentially resulting in PHI exposure. Continue Reading
-
News
17 Jun 2022
Eye Care Leaders EMR Data Breach Tally Surpasses 2 Million
Texas Tech University Health Sciences Center reported that nearly 1.3 million of its patients were potentially impacted by the Eye Care Leaders EMR data breach. Continue Reading
-
News
16 Jun 2022
Yuma Regional Medical Center Experiences Ransomware Attack
Yuma Regional Medical Center was forced to implement downtime procedures during a ransomware attack in late April. Continue Reading
-
News
13 Jun 2022
Kaiser Permanente Discloses Data Breach at WA Health Plan, 69K Impacted
Kaiser Foundation Health Plan of Washington, Virginia Mason Medical Center, and MCG Health recently reported data breaches impacting protected health information (PHI). Continue Reading
-
News
10 Jun 2022
Aesto Health, Aon PLC, Alameda Health System Suffer Healthcare Data Breaches
All three organizations recently reported healthcare data breaches involving unauthorized access to certain systems or email accounts. Continue Reading
-
News
08 Jun 2022
8 More Orgs Added to Eye Care Leaders EMR Data Breach Tally
More than 583,000 individuals have potentially been impacted by the Eye Care Leaders EMR data breach. Continue Reading
-
News
07 Jun 2022
2 Million Individuals Impacted By Shields Health Care Group Cyberattack
Massachusetts-based Shields Health Care Group disclosed a healthcare cyberattack that potentially impacted the PHI of 2 million individuals. Continue Reading
-
News
31 May 2022
Several Healthcare Providers Report Recent Data Breaches
The latest data breach roundup includes recent notifications from eight healthcare providers, all of which experienced data security incidents recently. Continue Reading
-
News
25 May 2022
Bryan County Ambulance Authority in Oklahoma Faces Ransomware, 14K Impacted
Washington University School of Medicine, the Motion Picture Industry Health Plan, and Bryan County Ambulance Authority disclosed healthcare data breaches to OCR recently. Continue Reading
-
News
23 May 2022
Eye Care Leaders EMR Breach Impacts 1.5M+
Eye Care Leaders suffered unauthorized access to its myCare Integrity EMR offering, impacting at least eight eye care providers and hundreds of thousands of individuals. Continue Reading
-
News
19 May 2022
Manufacturing Company Parker-Hannifin Suffers Health Plan Cyberattack, 120K Impacted
Conti ransomware allegedly claimed responsibility for the cyberattack against manufacturing giant Parker-Hannifin. Continue Reading
-
News
18 May 2022
AvosLocker Claims Responsibility For Christus Health Ransomware Attack
AvosLocker claimed responsibility for the ransomware attack, but Christus Health said that the incident did not have adverse effects on patient care. Continue Reading
-
News
16 May 2022
NH Medical Device Company Faces Data Security Incident, 81K Impacted
New Hampshire-based medical device company NuLife Med suffered a data security incident in March that impacted 81,244 individuals. Continue Reading
-
News
12 May 2022
Refuah Health Center Suffers Cybersecurity Incident, 260K Impacted
Refuah Health Center, Omnicell, McKenzie Health, and Vail Health Services recently reported cybersecurity incidents. Continue Reading
-
News
09 May 2022
Illinois Gastroenterology Group Data Breach Impacts 228K
EvergreenHealth, SAC Health, and Optima Dermatology also faced healthcare data breaches recently. Continue Reading
-
News
04 May 2022
Salusive Health Shuts Doors, Provides Data Breach Notification
In a breach notification letter, Salusive Health also announced it would shut its doors in May. Continue Reading
-
News
04 May 2022
3 Orgs Fall Victim to Separate Phishing, Email Security Incidents
Valley View Hospital, Fairfield County Implants and Periodontics, and the Los Angeles County Department of Mental Health all suffered phishing or email security incidents. Continue Reading
-
News
29 Apr 2022
Smile Brands Updates Breach Information, 2.6M Affected
Smile Brands originally reported a lower count, but new information revealed that the 2021 data breach potentially impacted nearly 2.6 million individuals. Continue Reading
-
News
27 Apr 2022
Tenet Healthcare Investigating Cybersecurity Incident
Dallas, Texas-based Tenet Healthcare is investigating a cybersecurity incident that temporarily disrupted some of its acute care operations. Continue Reading
-
News
21 Apr 2022
Adaptive Health Integrations Data Breach Impacts 510K
North Dakota-based Adaptive Health Integrations faced a hacking incident in October that impacted over 510,000 individuals. Continue Reading
-
News
19 Apr 2022
Data Breach Goes Unnoticed For Nearly 1 Year at KS Hospital
Newman Regional Health, a critical access hospital in Kansas, suffered a data breach that impacted over 52,000 individuals. Continue Reading
-
News
13 Apr 2022
PHI Potentially Accessed in Ballad Health Email Data Breach
Ballad Health, WellStar Health, and Resources for Human Development all reported healthcare data breaches recently. Continue Reading
-
News
11 Apr 2022
Latest Healthcare Data Breaches Impact Providers, Business Associates
The latest string of reported healthcare data breaches reached small and large healthcare providers and business associates, impacting thousands of individuals. Continue Reading
-
News
07 Apr 2022
SuperCare Health Data Breach Impacts 318K
SuperCare Health disclosed a data breach that impacted more than 318,000 individuals, making it one of the year’s largest healthcare data breaches to date. Continue Reading
-
News
06 Apr 2022
Seattle Health Center Discovers Additional Data Stolen During June Breach
In early 2022, Sea Mar Community Health Centers discovered that threat actors had stolen more data than previously thought during a June 2021 breach. Continue Reading
-
News
04 Apr 2022
Phishing Attacks, Email Security Incidents Hit 3 Healthcare Orgs
A phishing attack against the West Virginia medical center potentially exposed PHI, and a separate email security breach impacted 28K at a Minnesota mental health center. Continue Reading
-
News
31 Mar 2022
Law Enforcement Health Benefits Plan Ransomware Attack Impacts 85K
Ransomware impacted 85K at Law Enforcement Health Benefits, and a California health plan is temporarily unavailable after detecting anomalous activity. Continue Reading
-
News
29 Mar 2022
Oklahoma City Indian Clinic Cyberattack Causes Pharmacy Disruptions
Oklahoma City Indian Clinic suffered a cyberattack, leaving its pharmacy automatic refill line and mail order services down indefinitely. Continue Reading
-
News
29 Mar 2022
Health Plans, Laboratories, Health Departments Hit by Healthcare Data Breaches
Recent healthcare data breach notifications came from a health plan, a cancer testing laboratory, a hematology center, and a Washington health department. Continue Reading
-
News
23 Mar 2022
Kentucky, Tennessee Hospitals Begin Cybersecurity Incident Recovery
Taylor Regional Hospital and East Tennessee Children's Hospital are both making steady progress in recovering from recent cybersecurity incidents. Continue Reading
-
News
22 Mar 2022
NJ Dialysis Center, Neurosurgery Practice Both Face Cyberattacks
In two separate incidents, a New Jersey dialysis center and a neurosurgery practice suffered cyberattacks that potentially resulted in PHI Exposure. Continue Reading
-
News
21 Mar 2022
Healthcare Cyberattacks Impact Benefit Plans, Safety-Net Clinic
Recent healthcare cyberattacks impacted a safety-net clinic and an actuarial services company serving MLB player benefit plans. Continue Reading
-
News
17 Mar 2022
East Tennessee Children's Hospital Experiencing Security Issue
East Tennessee Children's Hospital told patients that it had fallen victim to an "information technology security issue," leading to disruptions. Continue Reading