Healthcare data breaches
Healthcare data breaches can result from hacking, data theft, loss or unauthorized access. Whatever the cause, these breaches can potentially jeopardize patient privacy by exposing protected health information. Understanding the latest data breach patterns can help healthcare organizations mitigate risk.
Top Stories
-
News
07 Nov 2024
Kaiser Permanente reports email data breach
Recent healthcare cybersecurity incidents include an email data breach that affected Kaiser Permanente and a ransomware attack against a small rural healthcare provider. Continue Reading
-
News
17 Oct 2024
BianLian cyberattack hits Boston Children's Health Physicians
BianLian cyberthreat actors claimed responsibility for a cyberattack and data breach that affected Boston Children's Health Physicians through its IT vendor. Continue Reading
-
News
17 Feb 2023
2 Orgs Reach Settlements to Resolve Healthcare Data Breach Lawsuits
20/20 Eye Care Network and Electromed each reached settlements to resolve class action lawsuits stemming from healthcare data breaches. Continue Reading
-
News
16 Feb 2023
Third-Party Data Breach Corrupts Medical Records at NH Hospital
The third-party data breach impacted patient information entered into the practice’s EHR system between April and December, corrupting the data and rendering it inaccessible. Continue Reading
-
News
15 Feb 2023
Community Health Systems Impacted by Data Breach Tied to GoAnywhere MFT Vulnerability
In an SEC filing, Community Health Systems, one of the country’s largest healthcare providers, disclosed a third-party data breach involving Fortra’s GoAnywhere managed file transfer solution that impacted one million individuals. Continue Reading
-
News
07 Feb 2023
3 Organizations Report Recent Healthcare Data Breaches
Healthcare data breaches are continuing to impact small and large organizations across the country. Continue Reading
-
News
06 Feb 2023
Highmark Health Suffers Phishing Attack, 300K Individuals Impacted
Highmark Health notified 300,000 individuals of a phishing attack that potentially compromised protected health information. Continue Reading
-
News
01 Feb 2023
Maryland Hospital Suffers Ransomware Attack
Atlantic General Hospital is currently investigating a ransomware attack that occurred earlier this week. Continue Reading
-
News
25 Jan 2023
Specialty Care Clinic Reports Potential PHI Exposure Caused by Tracking Pixels
The use of Google and Meta tracking pixels by partner company Advocate Aurora Health led to potential PHI disclosure for BayCare Clinic patients. Continue Reading
-
News
24 Jan 2023
One Brooklyn Confirms Cyberattack, BlackCat Ransomware Claims Attack On NextGen
The latest healthcare data breach news shows that threat actors have not slowed down their efforts to target the sector. Continue Reading
-
News
20 Jan 2023
MA Medical Device Company Reports Healthcare Data Breach, 29K Impacted
The Massachusetts-based medical device company said that some sensitive information may have been exposed to its website performance and marketing partners, resulting in a healthcare data breach. Continue Reading
-
News
17 Jan 2023
3 Specialty Practices Report Healthcare Data Breaches
A Texas home healthcare provider, a Florida behavioral health services organization, and a New York provider of autism services all disclosed healthcare data breaches recently. Continue Reading
-
News
12 Jan 2023
TX Insurance Administrator Discloses Healthcare Data Breach
Bay Bridge Administrators (BBA) experienced a data security incident that impacted individuals enrolled in some employment insurance benefits. Continue Reading
-
News
10 Jan 2023
Consulate Healthcare Provides Notice of Third-Party Vendor Data Breach
Consulate Healthcare provided notice of a third-party vendor data breach, but Hive ransomware claims to have targeted the organization directly. Continue Reading
-
News
09 Jan 2023
3 Latest Email Security Breaches Impact PHI
A surgery center in Texas, a hospice provider in Alabama, and a university in Florida all recently reported healthcare data breaches that stemmed from email security incidents. Continue Reading
-
News
06 Jan 2023
NJ Health System Diverts Ambulances Amid “IT Network Issue”
CentraState Healthcare System in New Jersey began experiencing an IT network issue on December 29 that forced it to divert ambulances. Continue Reading
-
News
04 Jan 2023
Arkansas Hospital Notifies Patients of Healthcare Data Breach
As the new year begins, healthcare data breach reports continue to roll in. Continue Reading
-
News
03 Jan 2023
Louisiana Health System Notifies 270K of Healthcare Data Breach
Lake Charles Memorial Health System in Louisiana recently notified patients of a healthcare data breach that occurred in October. Continue Reading
-
News
23 Dec 2022
MultiCare Notifies 23K of Third-Party Breach
MultiCare Health System in Washington suffered a third-party data breach that originated at its mailing service provider, Kaye-Smith. Continue Reading
-
News
22 Dec 2022
Third-Party Data Breach Impacts 271K at Oklahoma Healthcare Administrative, Tech Services Company
Avem Health Partners said it was evaluating its vendor relationships after a third-party data breach potentially exposed patient information. Continue Reading
-
News
19 Dec 2022
GA Health System Reports Healthcare Data Breach
Emory Healthcare (EHC), Epic Management, and NYC Health + Hospitals recently disclosed healthcare data breaches. Continue Reading
-
News
15 Dec 2022
CMS Responds to Third-Party Data Breach Impacting 254K Medicare Beneficiaries
Initial investigations into the third-party data breach suggest that Healthcare Management Solutions “acted in violation of its obligations to CMS,” the agency stated. Continue Reading
-
News
13 Dec 2022
CA Hospital Notifies Patients of Healthcare Data Breach
An unauthorized party accessed San Gorgonio Memorial Hospital’s network and copied some files, resulting in a healthcare data breach. Continue Reading
-
News
12 Dec 2022
CareFirst Administrators Impacted By Phishing Scam at RCM Vendor
CareFirst Administrators notified more than 14,000 individuals of a phishing scam that impacted Conifer, its revenue cycle management vendor. Continue Reading
-
News
05 Dec 2022
CommonSpirit Ransomware Attack Impacted Patient Data at Virginia Mason Franciscan Health
CommonSpirit issued a breach notice to patients of Virginia Mason Franciscan Health in Washington state following a large-scale ransomware attack. Continue Reading
-
News
01 Dec 2022
Latest Healthcare Data Breaches Impact Providers Across the Country
Recent healthcare data breaches impacted Dallam Hartley Counties Hospital District in Texas, Mena Regional Health System in Arkansas, and more. Continue Reading
-
News
29 Nov 2022
Third-Party Data Breach Impacts 119 Pediatric Practices, 2.2M Patients
The healthcare data breach occurred at Connexin Software, a provider of pediatric-specific health IT solutions. Continue Reading
-
News
28 Nov 2022
Community Health Network Notifies 1.5M of Data Breach Stemming From Tracking Tech
The health system used third-party tracking technologies to track user trends, but later discovered that the tools were collecting more information than the health system “had ever intended.” Continue Reading
-
News
22 Nov 2022
Healthcare Data Breach At PA Rehab Center Impacts 130K
Along with Gateway Rehabilitation Center, University Medical Center of Southern Nevada and Yakima Neighborhood Health Services also reported healthcare data breaches recently. Continue Reading
-
News
14 Nov 2022
Latest Healthcare Data Breaches Have Varying Impacts on Health Data
The latest string of healthcare data breach notifications includes breaches at a New York police union, a California post-acute care facility, and a Colorado FQHC. Continue Reading
-
News
10 Nov 2022
Most EHRs Back Online at CommonSpirit Health Following Ransomware Attack
In its most recent update about the October ransomware attack, CommonSpirit Health assured patients that the majority of impacted providers have regained access to EHR systems. Continue Reading
-
News
09 Nov 2022
Louisiana Corrections Department Suffers Third-Party Data Breach, 85K Impacted
The third-party breach originated at CorrectCare and potentially exposed the information of inmates who received care between 2013 and 2022. Continue Reading
-
News
04 Nov 2022
OakBend Medical Center Provides Healthcare Data Breach Notice
OakBend confirmed that the healthcare data breach resulted in data encryption and exfiltration. Continue Reading
-
News
03 Nov 2022
St. Luke’s Health Suffers Third-Party Data Breach, Unrelated to CommonSpirit Attack
Texas-based St. Luke’s Health notified nearly 17,000 individuals of a third-party vendor data breach that originated at Adelanto Healthcare Ventures, a consulting services vendor. Continue Reading
-
News
02 Nov 2022
Eye Care Leaders Data Breach Impacts 15K at Oklahoma Eye Care Practice
The Eye Care Leaders data breach tally continues to grow nearly one year after the incident was first discovered. Continue Reading
-
News
28 Oct 2022
Michigan Medicine Notifies 33K Patients of Phishing Attack
Four Michigan Medicine employees fell victim to the phishing attack, enabling unauthorized access to their email accounts. Continue Reading
-
News
27 Oct 2022
Healthcare Data Breach at GA Cardiology Practice Impacts 71K
The healthcare data breach at Ascension St. Vincent’s Coastal Cardiology impacted recently acquired legacy systems. Continue Reading
-
News
25 Oct 2022
NM Radiology Practice Health Data Breach Results in PHI Exposure
New Mexico-based Radiology Associates of Albuquerque discovered a health data breach in August 2021 that involved unauthorized access to patient PHI. Continue Reading
-
Answer
24 Oct 2022
Ransomware Attack Has Varying Impacts Across CommonSpirit Facilities
CommonSpirit Health is still recovering from a ransomware attack that impacted multiple facilities across the health system. Continue Reading
-
News
20 Oct 2022
3M Advocate Aurora Health Patients Face PHI Exposure Tied to Tracking Pixels
Advocate Aurora Health discontinued its use of tracking pixels after discovering that they potentially resulted in patient PHI exposure. Continue Reading
-
News
17 Oct 2022
Healthcare Data Breach Impacts 13 Anesthesia Providers, 380K Individuals
Healthcare data breach notifications for this incident have been sparse, but more than 380,000 individuals were impacted. Continue Reading
-
News
17 Oct 2022
Keystone Health Data Breach Impacts PHI of 235K Individuals
Pennsylvania-based Keystone Health discovered a data breach in August that potentially impacted more than 235,000 individuals. Continue Reading
-
News
13 Oct 2022
CommonSpirit Updates Patients, Confirms Ransomware Attack
CommonSpirit confirmed that the IT security incident it has been dealing with for the past week was a ransomware attack. Continue Reading
-
News
13 Oct 2022
PA Dermatology Practice Suffers Healthcare Data Breach, 33K Impacted
Aesthetic Dermatology Associates, Family Medicine Shady Grove, and Cardiac Imaging Associates all recently disclosed healthcare data breaches. Continue Reading
-
News
12 Oct 2022
Hospitals Continue to Suffer Impacts of CommonSpirit IT Security Incident
IT outages, appointment cancellations, and suspended patient portal access remain challenges for hospitals across the country as CommonSpirit deals with a cyberattack. Continue Reading
-
News
10 Oct 2022
Cancer Testing, Diagnostics Lab Suffers Phishing Attack, 244K Impacted
CSI Laboratories suffered a phishing attack on one employee email account that impacted 244,850 individuals. Continue Reading
-
News
07 Oct 2022
Data Security Incident Exposes PHI For Over 1K Zomo Health Members
In addition to Zomo Health’s recent data security incident, Northern California Fertility Medical Center reported a recent healthcare data breach. Continue Reading
-
News
05 Oct 2022
CommonSpirit Health Suffers IT Outages, EHR Downtime at Multiple Hospitals
Multiple hospitals within the CommonSpirit Health system, one of the nation’s largest nonprofit healthcare systems, are reporting IT outages and EHR downtime. Continue Reading
-
News
04 Oct 2022
Anthem MaineHealth Suffers Third-Party Data Breach, 13K Impacted
The third-party data breach involved unauthorized access to some PHI at Choice Health, an Anthem MaineHealth vendor. Continue Reading
-
News
30 Sep 2022
Magellan Health Settles Healthcare Data Breach Lawsuit For $1.43M
The healthcare data breach lawsuit stemmed from a 2019 phishing attack at Magellan Health that impacted 273,000 individuals. Continue Reading
-
News
29 Sep 2022
Primary Care Clinic Network Suffers Healthcare Data Breach, 233K Impacted
A Texas-based network of primary care clinics, Family Health Centers, suffered a healthcare data breach involving unauthorized access to some PHI. Continue Reading
-
News
21 Sep 2022
IA Eye Clinic Adds 543K to Eye Care Leaders Data Breach Tally
The Eye Care Leaders data breach, which has already impacted more than 2 million individuals, has also affected nearly 543K people at Iowa-based Wolfe Eye Clinic. Continue Reading
-
News
20 Sep 2022
NY Ambulance Service Suffers Healthcare Data Breach, 318K Impacted
In addition to Empress EMS, Lubbock Heart & Surgical Hospital, Medical Associates of the Lehigh Valley, and more reported healthcare data breaches recently. Continue Reading
-
News
19 Sep 2022
OakBend Medical Center Confirms Data Theft Following Ransomware Attack
OakBend Medical Center is working to rebuild its communication systems after a ransomware attack forced the Texas hospital to take its systems offline. Continue Reading
-
News
13 Sep 2022
Law Firm Confirms Data Security Incident, 255K Impacted
As previously reported, the data security incident at law firm Warner Norcross & Judd impacted 120,000 Priority Health members. Continue Reading
-
News
09 Sep 2022
Alabama Women’s Health Center Suffers Data Breach, 34K Impacted
A bad actor hacked an employee email account at Henderson & Walton Women’s Center, P.C., resulting in a data breach. Continue Reading
-
News
07 Sep 2022
Additional Orgs Report Aftermath of OneTouchPoint Data Breach
The OneTouchPoint data breach tally continues to grow as more healthcare organizations submit individual breach reports to OCR. Continue Reading
-
News
01 Sep 2022
CorrectHealth Suffers Email Account Data Breach, 54K Impacted
CorrectHealth, First Street Family Health, and Gifted Healthcare all disclosed data breaches recently. Continue Reading
-
News
29 Aug 2022
Baton Rouge General Confirms Healthcare Data Breach
Baton Rouge-based General Health System confirmed that an unauthorized party accessed its network in June, resulting in a healthcare data breach. Continue Reading
-
News
26 Aug 2022
Karakurt Ransomware Group Targets Methodist McKinney Hospital in Cyberattack
Early reports indicated that Karakurt ransomware group posted Methodist McKinney Hospital patient data on the dark web after executing a cyberattack. Continue Reading
-
News
24 Aug 2022
CA Department of Corrections Suffers Healthcare Data Breach
IT professionals discovered the healthcare data breach during routine maintenance and later found that it potentially impacted COVID-19 testing data. Continue Reading
-
News
19 Aug 2022
Ransomware Attack at Lamoille Health Partners Impacts 59K
The June ransomware attack resulted in some of Lamoille Health Partners' files being locked. Continue Reading
-
News
17 Aug 2022
NY Billing Company Suffers Ransomware Attack, 942K Impacted
New York billing company Practice Resources, LLC disclosed a ransomware attack that impacted 942,000 individuals and 26 healthcare organizations. Continue Reading
-
News
16 Aug 2022
Several Orgs Impacted by Email Security Breach at RCM Vendor
An email security breach at RCM vendor Conifer Revenue Cycle Solutions potentially exposed PHI at several healthcare organizations. Continue Reading
-
News
11 Aug 2022
Third-Party Mailing Error Exposes 37K SSNs at Sound Health and Wellness Trust
A third-party mailing error originating at Zenith American Solutions exposed the Social Security numbers of 37,000 individuals associated with Sound Health and Wellness Trust. Continue Reading
-
News
10 Aug 2022
120K Priority Health Members Impacted By Third-Party Data Breach
Michigan-based health plan Priority Health notified approximately 120,000 individuals of a third-party data breach that originated at the law firm Warner Norcross & Judd. Continue Reading
-
News
08 Aug 2022
Neurology Practice Notifies 363K of Data Breach, PHI Released on Dark Web
Indiana-based Goodman Campbell Brain and Spine notified nearly 363,000 individuals of a data breach that resulted in PHI being posted on the dark web. Continue Reading
-
News
04 Aug 2022
Oklahoma Home Health Company Reports Email Security Breach, 21K Impacted
Healthback Holdings reported an email security breach, and the City of Newport, Rhode Island and Minuteman Senior Services also reported recent breaches. Continue Reading
-
News
03 Aug 2022
Geisinger, Kaiser Permanente, 35 Others Impacted By Third-Party Vendor Data Breach
Third-party mailing and printing vendor OneTouchPoint reported a breach that impacted 37 healthcare organizations, including Anthem ACE, Geisinger, and Kaiser Permanente. Continue Reading
-
News
02 Aug 2022
Phishing Attack at Allegheny Health Network Impacts 8K
Allegheny Health Network suffered a phishing attack in June that led to potential PHI exposure for around 8,000 patients. Continue Reading
-
News
01 Aug 2022
PracticeMax Ransomware Attack Impacts 258K at FL Urgent Care Center
Fast Track Urgent Care Center began notifying 258,411 individuals of the 2021 PracticeMax ransomware attack that resulted in unauthorized data access. Continue Reading
-
News
29 Jul 2022
Healthcare Orgs Continue to Report Impacts Of Recent Third-Party Data Breaches
Healthcare organizations continue to report the impacts of various third-party data breaches, including incidents at Eye Care Leaders, Netgain, and the Medical Review Institute of America. Continue Reading
-
News
29 Jul 2022
Avamere Health Services Data Breach Impacts 96 Practices, At Least 380K
Avamere Health Services, a group of independently-owned post-acute care companies, reported a data breach that impacted 96 practices and at least 380K individuals. Continue Reading
-
News
28 Jul 2022
Stolen iPad Leads to Potential PHI Exposure at Kaiser Permanente
Kaiser Foundation Health Plan, Blue Shield of California, and Clinivate all experienced healthcare data breaches leading to potential PHI exposure recently. Continue Reading
-
News
25 Jul 2022
BCBS of Massachusetts Reports Third-Party Vendor Data Breach
Blue Cross and Blue Shield (BCBS) of Massachusetts reported a third-party vendor data breach involving its pension plan payment vendor. Continue Reading
-
News
13 Jul 2022
Highmark Health, WellDyneRx, Others Report Healthcare Data Breaches
WellDyneRx, Highmark Health, Carolina Behavioral Health Alliance, and two others disclosed healthcare data breaches recently. Continue Reading
-
News
12 Jul 2022
VCU Health Notifies Patients of Transplant Donor, Recipient PHI Data Breach
VCU Health, Phoenixville Hospital, and Family Practice Centers all reported PHI data breaches recently. Continue Reading
-
News
08 Jul 2022
WI, GA, LA Hospitals Confirm Recent Healthcare Cyberattacks
Jack Hughston Memorial Hospital, Baton Rouge General, and Southwest Health Center all reported recent healthcare cyberattacks. Continue Reading
-
News
06 Jul 2022
Vendor Ransomware Attack Impacts 660 Healthcare Organizations
Accounts receivable management agency Professional Finance Company (PFC) suffered a ransomware attack that impacted 660 of its healthcare organization clients. Continue Reading
-
News
30 Jun 2022
Two Healthcare Orgs Suffer Email Data Breaches, ECL Breach Tally Rises
Covenant Care California and Bergen’s Promise each reported email data breaches, and the Eye Care Leaders (ECL) breach tally continues to rise. Continue Reading
-
News
24 Jun 2022
MCG Health Data Breach Impacts 8 Organizations, 793K Individuals
At least 8 organizations and 793,283 individuals were impacted by a third-party data breach stemming from MCG Health. Continue Reading
-
News
23 Jun 2022
UPMC Reaches $450K Settlement in Healthcare Data Breach Lawsuit
University of Pittsburgh Medical Center (UPMC) and its legal counsel faced a lawsuit over their handling of a 2020 healthcare data breach. Continue Reading
-
News
22 Jun 2022
Yale New Haven Hospital Research File Implicated in Healthcare Data Breach
Yale New Haven Hospital, Express Scripts, and Alliance Physical Therapy Group all disclosed separate healthcare data breaches recently. Continue Reading
-
News
21 Jun 2022
2 Texas Hospitals Infected With Malicious Code May Face PHI Exposure
Baptist Medical Center and Resolute Health Hospital informed patients that their network was infected with malicious code in April, potentially resulting in PHI exposure. Continue Reading
-
News
17 Jun 2022
Eye Care Leaders EMR Data Breach Tally Surpasses 2 Million
Texas Tech University Health Sciences Center reported that nearly 1.3 million of its patients were potentially impacted by the Eye Care Leaders EMR data breach. Continue Reading
-
News
16 Jun 2022
Yuma Regional Medical Center Experiences Ransomware Attack
Yuma Regional Medical Center was forced to implement downtime procedures during a ransomware attack in late April. Continue Reading
-
News
13 Jun 2022
Kaiser Permanente Discloses Data Breach at WA Health Plan, 69K Impacted
Kaiser Foundation Health Plan of Washington, Virginia Mason Medical Center, and MCG Health recently reported data breaches impacting protected health information (PHI). Continue Reading
-
News
10 Jun 2022
Aesto Health, Aon PLC, Alameda Health System Suffer Healthcare Data Breaches
All three organizations recently reported healthcare data breaches involving unauthorized access to certain systems or email accounts. Continue Reading
-
News
08 Jun 2022
8 More Orgs Added to Eye Care Leaders EMR Data Breach Tally
More than 583,000 individuals have potentially been impacted by the Eye Care Leaders EMR data breach. Continue Reading
-
News
07 Jun 2022
2 Million Individuals Impacted By Shields Health Care Group Cyberattack
Massachusetts-based Shields Health Care Group disclosed a healthcare cyberattack that potentially impacted the PHI of 2 million individuals. Continue Reading
-
News
31 May 2022
Several Healthcare Providers Report Recent Data Breaches
The latest data breach roundup includes recent notifications from eight healthcare providers, all of which experienced data security incidents recently. Continue Reading
-
News
25 May 2022
Bryan County Ambulance Authority in Oklahoma Faces Ransomware, 14K Impacted
Washington University School of Medicine, the Motion Picture Industry Health Plan, and Bryan County Ambulance Authority disclosed healthcare data breaches to OCR recently. Continue Reading
-
News
23 May 2022
Eye Care Leaders EMR Breach Impacts 1.5M+
Eye Care Leaders suffered unauthorized access to its myCare Integrity EMR offering, impacting at least eight eye care providers and hundreds of thousands of individuals. Continue Reading
-
News
19 May 2022
Manufacturing Company Parker-Hannifin Suffers Health Plan Cyberattack, 120K Impacted
Conti ransomware allegedly claimed responsibility for the cyberattack against manufacturing giant Parker-Hannifin. Continue Reading
-
News
18 May 2022
AvosLocker Claims Responsibility For Christus Health Ransomware Attack
AvosLocker claimed responsibility for the ransomware attack, but Christus Health said that the incident did not have adverse effects on patient care. Continue Reading
-
News
16 May 2022
NH Medical Device Company Faces Data Security Incident, 81K Impacted
New Hampshire-based medical device company NuLife Med suffered a data security incident in March that impacted 81,244 individuals. Continue Reading
-
News
12 May 2022
Refuah Health Center Suffers Cybersecurity Incident, 260K Impacted
Refuah Health Center, Omnicell, McKenzie Health, and Vail Health Services recently reported cybersecurity incidents. Continue Reading
-
News
09 May 2022
Illinois Gastroenterology Group Data Breach Impacts 228K
EvergreenHealth, SAC Health, and Optima Dermatology also faced healthcare data breaches recently. Continue Reading
-
News
04 May 2022
Salusive Health Shuts Doors, Provides Data Breach Notification
In a breach notification letter, Salusive Health also announced it would shut its doors in May. Continue Reading
-
News
04 May 2022
3 Orgs Fall Victim to Separate Phishing, Email Security Incidents
Valley View Hospital, Fairfield County Implants and Periodontics, and the Los Angeles County Department of Mental Health all suffered phishing or email security incidents. Continue Reading
-
News
29 Apr 2022
Smile Brands Updates Breach Information, 2.6M Affected
Smile Brands originally reported a lower count, but new information revealed that the 2021 data breach potentially impacted nearly 2.6 million individuals. Continue Reading
-
News
27 Apr 2022
Tenet Healthcare Investigating Cybersecurity Incident
Dallas, Texas-based Tenet Healthcare is investigating a cybersecurity incident that temporarily disrupted some of its acute care operations. Continue Reading