Healthcare data breaches
Healthcare data breaches can result from hacking, data theft, loss or unauthorized access. Whatever the cause, these breaches can potentially jeopardize patient privacy by exposing protected health information. Understanding the latest data breach patterns can help healthcare organizations mitigate risk.
Top Stories
-
News
07 Nov 2024
Kaiser Permanente reports email data breach
Recent healthcare cybersecurity incidents include an email data breach that affected Kaiser Permanente and a ransomware attack against a small rural healthcare provider. Continue Reading
-
News
17 Oct 2024
BianLian cyberattack hits Boston Children's Health Physicians
BianLian cyberthreat actors claimed responsibility for a cyberattack and data breach that affected Boston Children's Health Physicians through its IT vendor. Continue Reading
-
News
21 Apr 2022
Adaptive Health Integrations Data Breach Impacts 510K
North Dakota-based Adaptive Health Integrations faced a hacking incident in October that impacted over 510,000 individuals. Continue Reading
-
News
19 Apr 2022
Data Breach Goes Unnoticed For Nearly 1 Year at KS Hospital
Newman Regional Health, a critical access hospital in Kansas, suffered a data breach that impacted over 52,000 individuals. Continue Reading
-
News
13 Apr 2022
PHI Potentially Accessed in Ballad Health Email Data Breach
Ballad Health, WellStar Health, and Resources for Human Development all reported healthcare data breaches recently. Continue Reading
-
News
11 Apr 2022
Latest Healthcare Data Breaches Impact Providers, Business Associates
The latest string of reported healthcare data breaches reached small and large healthcare providers and business associates, impacting thousands of individuals. Continue Reading
-
News
07 Apr 2022
SuperCare Health Data Breach Impacts 318K
SuperCare Health disclosed a data breach that impacted more than 318,000 individuals, making it one of the year’s largest healthcare data breaches to date. Continue Reading
-
News
06 Apr 2022
Seattle Health Center Discovers Additional Data Stolen During June Breach
In early 2022, Sea Mar Community Health Centers discovered that threat actors had stolen more data than previously thought during a June 2021 breach. Continue Reading
-
News
04 Apr 2022
Phishing Attacks, Email Security Incidents Hit 3 Healthcare Orgs
A phishing attack against the West Virginia medical center potentially exposed PHI, and a separate email security breach impacted 28K at a Minnesota mental health center. Continue Reading
-
News
31 Mar 2022
Law Enforcement Health Benefits Plan Ransomware Attack Impacts 85K
Ransomware impacted 85K at Law Enforcement Health Benefits, and a California health plan is temporarily unavailable after detecting anomalous activity. Continue Reading
-
News
29 Mar 2022
Oklahoma City Indian Clinic Cyberattack Causes Pharmacy Disruptions
Oklahoma City Indian Clinic suffered a cyberattack, leaving its pharmacy automatic refill line and mail order services down indefinitely. Continue Reading
-
News
29 Mar 2022
Health Plans, Laboratories, Health Departments Hit by Healthcare Data Breaches
Recent healthcare data breach notifications came from a health plan, a cancer testing laboratory, a hematology center, and a Washington health department. Continue Reading
-
News
23 Mar 2022
Kentucky, Tennessee Hospitals Begin Cybersecurity Incident Recovery
Taylor Regional Hospital and East Tennessee Children's Hospital are both making steady progress in recovering from recent cybersecurity incidents. Continue Reading
-
News
22 Mar 2022
NJ Dialysis Center, Neurosurgery Practice Both Face Cyberattacks
In two separate incidents, a New Jersey dialysis center and a neurosurgery practice suffered cyberattacks that potentially resulted in PHI Exposure. Continue Reading
-
News
21 Mar 2022
Healthcare Cyberattacks Impact Benefit Plans, Safety-Net Clinic
Recent healthcare cyberattacks impacted a safety-net clinic and an actuarial services company serving MLB player benefit plans. Continue Reading
-
News
17 Mar 2022
East Tennessee Children's Hospital Experiencing Security Issue
East Tennessee Children's Hospital told patients that it had fallen victim to an "information technology security issue," leading to disruptions. Continue Reading
-
News
15 Mar 2022
Labette Health, Capital Region Medical Center Confirm Data Breaches
Labette Health and Capital Region Medical Center disclosed data breaches that resulted in potential PHI exposure. Continue Reading
-
News
14 Mar 2022
Over 611K Impacted in Most Recent String of Healthcare Data Breaches
Healthcare data breaches continue to increase in severity—a cyberattack at Norwood Clinic impacted 228K individuals and a Denver cardiology practice breach hit 287K. Continue Reading
-
News
14 Mar 2022
Logan Health Faces Lawsuit in Wake of Hacking Incident
Montana-based Logan Health Medical Center suffered a hacking incident in November that impacted over 213,000 individuals and exposed protected health information. Continue Reading
-
News
09 Mar 2022
CO Hospital Suffers Email Data Breach, 52K Impacted
Montrose Regional Health in Colorado discovered an email data breach that impacted over 52,000 individuals. Healthcare data breaches continue to overwhelm the sector. Continue Reading
-
News
07 Mar 2022
Duncan Regional Hospital Data Breach Impacts 92K
Duncan Regional Hospital, Crossroads Health, and others disclosed separate healthcare data breaches that collectively impacted hundreds of thousands of individuals. Continue Reading
-
News
03 Mar 2022
Monongalia Health Suffers Second Healthcare Data Breach
A few months after Monongalia Health suffered a phishing attack, the West Virginia-based health system began notifying victims of another healthcare data breach. Continue Reading
-
News
28 Feb 2022
Houston Health Department Suffers Healthcare Data Breach
The Houston Health Department, EPIC Pharmacy Network, and Alliance Physical Therapy Group began notifying patients of healthcare data breaches recently. Continue Reading
-
News
25 Feb 2022
Montana Medical Center Faces Hacking Incident Impacting 214K
Logan Health Medical Center suffered a hacking incident that impacted nearly 214K individuals as hacking incidents increase across the healthcare sector. Continue Reading
-
News
23 Feb 2022
Jackson Hospital Suffers Patient Data Exfiltration Incident
Recent data breaches included data exfiltration at Florida-based Jackson Hospital and improper PHI access by an employee at Michigan Medicine. Continue Reading
-
News
22 Feb 2022
Sea Mar Community Health Centers Faces Lawsuit Over Data Breach
Sea Mar Community Health Centers in Seattle is now facing a lawsuit after a 2021 data breach that impacted 688,000 individuals. Continue Reading
-
News
17 Feb 2022
Malware, Employee Email Breaches Result in PHI Exposure
Employee email breaches, malware, and unauthorized access continue to cause PHI exposure at small healthcare organizations across the country. Continue Reading
-
News
16 Feb 2022
Illinois Hospital, FQHC Suffer Healthcare Data Breaches, PHI Exposure
South Shore Hospital in Chicago and Family Christian Health Center in Harvey, IL are both rebounding from healthcare data breaches. Continue Reading
-
News
09 Feb 2022
Lengthy Healthcare Cyberattack Recovery Disrupts MD Department of Health
The Maryland Department of Health just entered month three of the healthcare cyberattack recovery process as data breaches continue to torment healthcare organizations. Continue Reading
-
News
04 Feb 2022
Third-Party Data Breaches, Unauthorized Email Access Cause PHI Exposure
A Massachusetts billing company data breach impacted some Beth Israel clients, and the CO Department of Human Services fell victim to a third-party data breach. Continue Reading
-
News
03 Feb 2022
KY Hospital Systems Still Down 1 Week After Cybersecurity Incident
Taylor Regional Hospital in Kentucky is still experiencing phone line outages and delays more than a week after a cybersecurity incident took its systems offline. Continue Reading
-
News
27 Jan 2022
KY Hospital Systems Down During Cybersecurity Incident Investigation
Hospital systems and phone lines are down at a Kentucky hospital, and a server misconfiguration resulted in potential PHI exposure in a California county. Continue Reading
-
News
24 Jan 2022
Outpatient Facilities Continue To Be Targeted In Healthcare Cyberattacks
Some cybercriminals shifted their targets to outpatient facilities and business associates rather than big health systems. Continue Reading
-
News
19 Jan 2022
Healthcare Cyberattacks, Vendor Mishaps Result in PHI Exposure
Third-party vendor errors and healthcare cyberattacks continue to jeopardize patient privacy and cause PHI exposure. Continue Reading
-
News
18 Jan 2022
Family Medicine Practice Notifies Patients of Data Breach 1 Year Later
Netgain said it discovered the data breach in late 2020, but a Minnesota family medicine practice notified its patients in January 2022. Continue Reading
-
News
13 Jan 2022
MD Department of Health Systems Down 1 Month After Ransomware Attack
One month later, the Maryland Department of Health is still in the process of recovering from a debilitating cyberattack. Continue Reading
-
News
10 Jan 2022
Data Breaches Hit Saltzer Health, Loyola University Medical Center
The sector continues to be a prime target for healthcare data breaches that lead to network outages, data exfiltration, and PHI exposure. Continue Reading
-
News
06 Jan 2022
Business Associate Data Breach Impacts 32 Healthcare Organizations
More than 30 healthcare organizations were impacted by a business associate data breach targeted at technology vendor Ciox Health. Continue Reading
-
News
06 Jan 2022
Healthcare Data Breaches Continue as New Year Begins
Healthcare data breaches are continuing to cause turmoil for patients, providers, and the industry as a whole this year. Continue Reading
-
News
04 Jan 2022
Billing Error Causes PHI Breach at Illinois Health System
The PHI breach occurred when the information of 1,729 Advocate Aurora Health patients was mailed to the wrong location following a billing error. Continue Reading
-
News
04 Jan 2022
PHI Breach, Data Exfiltration at Broward Health Impacts 1.3 Million
A PHI breach at Florida-based Broward Health impacted over 1.3 million patients and employees and resulted in data exfiltration. Continue Reading
-
News
03 Jan 2022
Accounting Firm Faces Lawsuit Over Healthcare Data Breach
Accounting firm Bansley and Kiener is facing a class-action lawsuit after a healthcare data breach that exposed personally identifiable information. Continue Reading
-
News
23 Dec 2021
West Virginia-Based Monongalia Health System Suffers Phishing Attack
Monongalia Health System began notifying patients of a phishing attack that occurred in October and may have exposed employee and patient PII and PHI. Continue Reading
-
News
21 Dec 2021
Network Outages, Healthcare Cyberattacks Ramp Up as Holidays Approach
A healthcare cyberattack resulted in PHI exposure Texas ENT Specialists, and Missouri-based Capital Region Medical Center’s systems remain down after a network outage. Continue Reading
-
News
16 Dec 2021
Kronos Cyberattack Takes Down Healthcare Workforce Management Services
HR management solutions provider Kronos was the target of a recent cyberattack that is now impacting healthcare workforce management and payroll services. Continue Reading
-
News
08 Dec 2021
Two Data Breaches at WA Senior Care Nonprofit Impact 103K
Washington-based senior care nonprofit Sound Generations experienced two data breaches that impacted over 103K individuals and potentially exposed PII. Continue Reading
-
News
06 Dec 2021
Cyberattack Pushes Maryland Department of Health Website Offline
A cyberattack forced the Maryland Department of Health website offline, preventing residents from accessing the site’s healthcare resources. Continue Reading
-
News
02 Dec 2021
Mid-Size Orgs Continue to Be Targeted in Healthcare Cyberattacks
Small to mid-size organizations and outpatient facilities continue to be targets for healthcare cyberattacks that often lead to PHI exposure. Continue Reading
-
News
01 Dec 2021
Unprotected Database Exposes 170K Healthcare Staffing Records
Researchers discovered an unprotected database that contained 170K healthcare staffing records, potentially exposing passwords, Social Security numbers, and photos. Continue Reading
-
News
30 Nov 2021
Former NY Hospital Employee Charged with HIPAA Violation
A former employee at Huntington Hospital in New York was charged with a HIPAA violation for accessing the PHI of 13,000 patients. Continue Reading
-
News
24 Nov 2021
Millions of Patients Receive Healthcare Data Breach Notifications
Utah Imaging Associates began notifying nearly 600K of a healthcare data breach, and Eskenazi Health began notifying over 1.5 million individuals. Continue Reading
-
News
17 Nov 2021
Ohio Hospital Faces Sixth Day of EHR Downtime After Cyberattack
In other data breach news, new postings on OCR’s data breach portal shows some of the largest healthcare cyberattacks of the year. Continue Reading
-
News
15 Nov 2021
EHR Downtime Persists in Wake of Ohio Medical Center Cyberattack
Southern Ohio Medical Center is currently facing EHR downtime and appointment cancelations as it recovers from a cyberattack that previously led to ambulance diversions. Continue Reading
-
News
10 Nov 2021
Hackers Hit Healthcare, Other Sectors With Cyber Espionage Attacks
Unidentified hackers breached nine organizations in a range of industries including healthcare in an orchestrated cyber espionage attack. Continue Reading
-
News
09 Nov 2021
320K Impacted in EHR Vendor Breach, Ransomware Hits Health Systems
An EHR vendor breach exposed the PHI of 320K, while unauthorized email access and ransomware disrupted the operations of other health systems. Continue Reading
-
News
04 Nov 2021
Compromised Medical Records, Ransomware Attacks Trouble Healthcare
One California health center’s communication system remains down three weeks after a cyberattack while ransomware and PHI exposure continue to impact healthcare. Continue Reading
-
News
03 Nov 2021
Healthcare Cyberattacks Target 2 TX Hospitals, Expose PHI
Lavaca Medical Center and Throckmorton County Memorial Hospital both suffered cyberattacks that led to PHI exposure. Continue Reading
-
News
02 Nov 2021
Health App Security Bug Exposed COVID-19 Vaccine Records
COVID-19 vaccine records from residents of New Jersey and Utah were exposed due to a security bug in the health app Docket. Continue Reading
-
News
28 Oct 2021
Recent Health Data Breaches Cause EHR Downtime, Deploy Malware
Health data breaches caused by malware and improper data use by employees continue to impact patient care and cause EHR downtime, according to some recent cases. Continue Reading
-
News
27 Oct 2021
Third-Party Vendor Ransomware Attack Impacts Humana, Anthem Members
PracticeMax, a billing and IT solutions provider, experienced a ransomware attack that impacted some Humana and Anthem members. Continue Reading
-
News
26 Oct 2021
MI Man Sentenced to 7 Years in Prison for UPMC PII Breach
Justin Johnson hacked UPMC’s HR database and stole the PII of more than 65,000 employees; he later sold the information on the dark web. Continue Reading
-
News
21 Oct 2021
Spoofing, Phishing, Ransomware Continue to Overwhelm Health Systems
One hospital is being inundated with reports of spoofed phone calls, as others deal with unauthorized email access, phishing, and ransomware. Continue Reading
-
News
14 Oct 2021
Malware, Unauthorized Access Lead to Healthcare PHI Breaches
Unauthorized access and malware lead to healthcare PHI breaches and network outages for clinics across the country grappling with growing cyber threats. Continue Reading
-
News
07 Oct 2021
3 Indiana Clinics Suffer Healthcare Data Breaches
Other recent breaches include a health plan data breach at a trucking company, a PHI breach at a MN medical center, and a phishing attack on a TX epilepsy foundation. Continue Reading
-
News
05 Oct 2021
Healthcare Cyberattack Leaves a System’s Network Down in IN
Johnson Memorial Health’s computer network remains disabled, and the health system is working with the FBI to investigate the healthcare cyberattack. Continue Reading
-
News
30 Sep 2021
Bad Actors Target Small Clinics With Healthcare Ransomware Attacks
Cybercriminals continue to target small healthcare facilities with ransomware attacks, causing EHR downtime and care disruptions. Continue Reading
-
News
30 Sep 2021
UC San Diego Health Sued Over Healthcare Data Breach
The lawsuit alleges that UC San Diego Health did not notify healthcare data breach victims in a timely manner and failed to implement preventive cybersecurity measures. Continue Reading
-
News
23 Sep 2021
Alaska Health Department Notifies Residents of Cyberattack
The Alaska Department of Health and Social Services began notifying the public about a cyberattack that impacted an unknown number of Alaskans. Continue Reading
-
News
23 Sep 2021
Hive Ransomware Continues to Attack Healthcare Providers
Healthcare data breaches continue as Hive ransomware and other major hacking groups ramp up. Meanwhile, other recent breaches involved unauthorized access to PHI and other information. Continue Reading
-
News
21 Sep 2021
Improper Hard Drive Disposal Leads to Health Data Breach for 100K
Over 100K patients at HealthReach Community Health Centers in Maine may have had their personal data leaked due to improper disposal of the health center’s hard drives. Continue Reading
-
News
20 Sep 2021
St. Joseph’s/Candler Faces Lawsuits in Wake of Ransomware Attack
The class action lawsuits allege that the Georgia health system ignored ransomware warnings by federal agencies and failed to create a data recovery plan. Continue Reading
-
News
15 Sep 2021
Walgreens’ COVID-19 Testing Registration System Exposes PII
Millions were potentially impacted by vulnerabilities on Walgreens’ COVID-19 testing registration system that gave anyone on the internet easy access to patient PII. Continue Reading
-
News
14 Sep 2021
Houston Provider Delayed Notice of Ransomware Attack for Months
The data breach at Gastroenterology Consultants occurred in January, but patients only began receiving letters about the ransomware attack in early August. Continue Reading
-
News
10 Sep 2021
AZ Ransomware Attack Leads to Unrecoverable EHRs, Data Loss
An Arizona medical center will have to rebuild thousands of patient records after a ransomware attack resulted in corrupted EHRs and data loss. Continue Reading
-
News
09 Sep 2021
Business Associate Ransomware Attack Impacts 115K in CA
California-based LifeLong Medical Care notified over 115,000 individuals of a third-party business associate ransomware attack that may have exposed PHI. Continue Reading
-
News
08 Sep 2021
DuPage Medical Group Faces Lawsuit After Cyberattack Impacts 600K
Less than a week after DuPage Medical Group notified over 600,000 patients of a cyberattack that exposed PHI, two patients filed a lawsuit seeking damages. Continue Reading
-
News
08 Sep 2021
MA Hospital Faces Class Action Suit After Paying Ransomware Attackers
Sturdy Memorial Hospital in Attleboro, Massachusetts is facing a class action lawsuit after paying ransomware attackers for stolen data. Continue Reading
-
News
07 Sep 2021
Healthcare Ransomware Attack in CA Involves PHI of 57K
San Andreas Regional Center in California experienced a healthcare ransomware attack that may have exposed the PHI of over 57,000 individuals. Continue Reading
-
News
03 Sep 2021
Beaumont Health Latest Victim of Accellion Data Breach
Nearly nine months after the Accellion data breach, Beaumont Health in Michigan joined a list of over 11 healthcare organizations impacted by the cyberattack. Continue Reading
-
News
02 Sep 2021
Microsoft Vulnerability Leaks COVID-19 Vaccination Records in TX County
A Microsoft vulnerability discovered by an independent cybersecurity firm resulted in hundreds of thousands of vaccination records being leaked in Denton County, TX. Continue Reading
-
News
02 Sep 2021
98K Patients, Employees Impacted by Oklahoma Provider Data Breach
Oklahoma-based provider CareATC suffered a provider data breach that impacted over 98,000 individuals when an unauthorized third party gained access to employee email accounts. Continue Reading
-
News
01 Sep 2021
Protected Health Information Exposed in Large Cyberattack in IL
DuPage Medical Group began notifying 600K patients that their protected health information may have been compromised in a cyberattack that resulted in network and phone outages. Continue Reading
-
News
31 Aug 2021
IL Provider Faces Healthcare Data Breach, 171K Patients Exposed
Illinois-based Metro Infectious Disease Consultants alerted 171K patients that their data may have been exposed during a healthcare data breach. Continue Reading
-
News
27 Aug 2021
CA Attorney General Calls Out Unreported Healthcare Data Breaches
After multiple ransomware attacks went unreported, California’s attorney general issued a bulletin to providers reminding them to report healthcare data breaches. Continue Reading
-
News
26 Aug 2021
Healthcare Ransomware Attack Leads to EHR Downtime in IN
A healthcare ransomware attack in Indiana resulted in EHR downtime and potential exposure of patient and employee PII after bad actors released data online. Continue Reading
-
News
26 Aug 2021
Healthcare Ransomware Attack at Indiana ENT Office Impacts 45K
Indiana-based CarePointe ENT suffered a healthcare ransomware attack that may have exposed the PII and PHI of over 48,000 individuals. Continue Reading
-
News
25 Aug 2021
GA Provider Sends Notice of Healthcare Data Breach to 9,800 Patients
The PHI was removed from Atlanta Allergy & Asthma’s network in January during a healthcare data breach. Continue Reading
-
News
25 Aug 2021
Healthcare Phishing Scam Exposes PHI for 12K Patients in UT
Utah-based Revere Health fell victim to a healthcare phishing scam that exposed PHI for 12K patients in a 45-minute time period. Continue Reading
-
News
24 Aug 2021
Microsoft Data Breach Exposes 38M Records Containing PII
A Microsoft Power Apps data breach exposed 38M records across 47 organizations containing PII, including some governmental public health agencies. Continue Reading
-
News
20 Aug 2021
St. Joseph’s/Candler Back Online After Ransomware Attack
St. Joseph’s/Candler is back online after falling victim to a ransomware attack that forced the health system into EHR downtime and exposed protected health information. Continue Reading
-
News
19 Aug 2021
More Than 600K Patients Impacted by UNM Health Data Breach
UNM Health discovered a data breach that impacted over 600,000 patients, possibly exposing personally identifiable information. Continue Reading
-
News
17 Aug 2021
Electromed Data Breach Impacting Customers', Staffers’ PHI
A cyberattack on a Minnesota company caused a data breach of PHI. Continue Reading
-
News
13 Aug 2021
Catholic Health Impacted by CaptureRx Data Breach, Patients’ PHI Exposed
The CaptureRx data breach is now impacting Catholic Health patients' PHI. Continue Reading
-
News
23 Jul 2021
Elekta Data Breach Impacting Over 64K McLaren Patients’ PHI
Michigan's McLaren Health Care Corporation's patients are impacted by the recent Elekta data breach. Continue Reading
-
News
06 Jul 2021
Northwestern Memorial HealthCare Latest Victim of Elekta’s PHI Data Breach
The Chicago-based healthcare system’s oncology patients’ PHI was exposed in the April 2021 data breach. Continue Reading
-
News
05 Jul 2021
Healthcare Ransomware Attack Targets Practice Management Vendor
Practice management vendor Practicefirst announced a 2020 healthcare ransomware attack that may have exposed patient and employee PII. Continue Reading
-
News
01 Jul 2021
Hospital Ransomware Attack in Las Vegas Exposes PII
University Medical Center of Southern Nevada fell victim to a hospital ransomware attack claimed by hacker group REvil that exposed PII. Continue Reading
-
News
28 Jun 2021
Renown Health Falls Victim to Elekta Data Breach, PHI Exposed
Nevada-based Renown Health is the latest to announce that its patients’ PHI was accessed through an Elekta data breach that impacted over 40 other organizations. Continue Reading
-
News
28 Jun 2021
UofL Health Data Breach Occurs After PHI Sent to Wrong Email
UofL Health in Kentucky notified over 40,000 patients of a health data breach after it emailed protected health information to the wrong email address. Continue Reading
-
News
25 Jun 2021
Hoya Optical Labs Notifies Consumers of Healthcare Ransomware Attack
Hoya Optical Labs sent notices to customers alerting them of a healthcare ransomware attack in April that exposed personally identifiable information. Continue Reading
-
News
24 Jun 2021
OSU Data Breach Impacts Veterans, More Ransomware Attacks
Other recent healthcare data breaches include a ransomware attack in Mississippi and a breach at an Iowa eye clinic. Continue Reading
-
News
24 Jun 2021
UVM Health Continues to Feel Effects of Ransomware Attack
Eight months after a ransomware attack that incurred costs upwards of $63 million, UVM Health continues to experience setbacks and financial losses. Continue Reading