Healthcare data breaches
Healthcare data breaches can result from hacking, data theft, loss or unauthorized access. Whatever the cause, these breaches can potentially jeopardize patient privacy by exposing protected health information. Understanding the latest data breach patterns can help healthcare organizations mitigate risk.
Top Stories
-
News
18 Dec 2024
Nebraska attorney general sues Change Healthcare over breach
The Nebraska attorney general sued Change Healthcare, alleging violations of Nebraska's consumer protection and data security laws. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
12 Dec 2024
10 largest healthcare data breaches of 2024
Upward of 137 million individuals were affected by the 10 largest healthcare data breaches reported to OCR in 2024 combined, with Change Healthcare accounting for 100 million. Continue Reading
By- Jill McKeon, Associate Editor
-
News
25 Jun 2021
Hoya Optical Labs Notifies Consumers of Healthcare Ransomware Attack
Hoya Optical Labs sent notices to customers alerting them of a healthcare ransomware attack in April that exposed personally identifiable information. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Jun 2021
OSU Data Breach Impacts Veterans, More Ransomware Attacks
Other recent healthcare data breaches include a ransomware attack in Mississippi and a breach at an Iowa eye clinic. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Jun 2021
UVM Health Continues to Feel Effects of Ransomware Attack
Eight months after a ransomware attack that incurred costs upwards of $63 million, UVM Health continues to experience setbacks and financial losses. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 Jun 2021
Scripps Health Ransomware Attack Leads to Class-Action Lawsuits
Scripps Health is facing two class-action lawsuits in light of a recent ransomware attack that plaintiffs say was preventable. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Jun 2021
Ohio Medicaid Reports Provider Data Leak, Other Health Data Breaches
Recent health data breaches led to PII exposure for Ohio Medicaid providers, Catholic Health patients, and a Georgia fertility clinic’s patients. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Jun 2021
Insight Global Calls on Former Employees to Secure PII Data Breach
Fired PA contractor Insight Global asked former employees to secure documents from its contact tracing program months after its PII data breach was supposedly secured. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Jun 2021
St. Joseph’s/Candler Suffers Ransomware Attack, EHR Downtime
Computers are still down after St. Joseph’s/Candler in Savannah, Georgia experienced a ransomware attack on June 17th, causing EHR downtime. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Jun 2021
CVS Health Faces Data Breach,1B Search Records Exposed
Over 1 billion search records were accidentally posted online in a CVS Health data breach in late March, as reported by an independent cybersecurity researcher. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Jun 2021
UF Health Cyberattack Now Affecting Patient Care
A May 31st cyberattack on UF Health led to EHR downtime, but employees are now reporting additional negative impacts on patient care. Continue Reading
By- Jill McKeon, Associate Editor
-
News
16 Jun 2021
CaptureRx Data Breach Hits MetroHealth System, 16 Others
A CaptureRx data breach impacted MetroHealth System and 16 other healthcare organizations with ransomware that exposed the health data of over a million patients. Continue Reading
By- Jill McKeon, Associate Editor
-
News
15 Jun 2021
Elekta Data Breach Leaks Patient Info at Oklahoma Cancer Center
Cancer Centers of Southwest Oklahoma revealed that patient information may have been exposed through an Elekta data breach of over 40 healthcare sites in April. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Jun 2021
Phishing Attack on Five Rivers Health Impacts Data of 156K Patients
Five Rivers Health Centers found a phishing attack led to a two-month long system hack last year; a systems hack, more phishing, and a vendor incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
07 Jun 2021
Cyberattack Drives 2 UF Health Hospitals to EHR Downtime
Reports show UF Health in Central Florida leadership is looking into a cyberattack against two of its hospitals, while operating under EHR downtime procedures. Continue Reading
By- Jessica Davis
-
News
03 Jun 2021
Data of 3.3M 20/20 Hearing Care Patients Hacked From Cloud Database
The 20/20 Hearing Care Network found an actor hacked into its AWS cloud database and deleted patient data; ransomware, a system hack, yet another Netgain breach victim, and a data security incident, complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
26 May 2021
207K Rehoboth McKinley Patients Tied to Conti Ransomware, Data Leak
Rehoboth McKinley Christian Health notifies patients, after Conti ransomware actors leaked their data two months ago; CaptureRx breach, data leak, a programming error, an email hack, and Netgain victims, complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
24 May 2021
Cyberattack Updates: Alaska Health Dept, Scripps' Recovery, Ireland HSE
As ransomware continues to disrupt the healthcare sector on a global level, a number of providers are facing ongoing outages, while a vendor is creating a decryptor for Ireland HSE. Continue Reading
By- Jessica Davis
-
News
18 May 2021
Allergy Partners: Data Stolen During Ransomware Attack, EHR Outage
After a ransomware attack and EHR outage in February, Allergy Partners found the actors exfiltrated data; more data theft, a server misconfiguration, and PACS exposure complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
18 May 2021
Healthcare Ransomware Outages: Scripps, Ireland HSE, and NZ Hospitals
In the last few weeks, ransomware attacks on the healthcare sector have led to system outages and EHR downtime at Scripps Health, New Zealand hospitals, and Ireland's health system. Continue Reading
By- Jessica Davis
-
News
10 May 2021
Scripps Health EHR, Patient Portal Still Down After Ransomware Attack
After a ransomware attack on May 1, some technical services remain down at Scripps Health, including the EHR, website, and patient portal; more ransomware, vendor incidents, and an email hack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
Answer
03 May 2021
Ransomware Hits Scripps Health, Disrupting Critical Care, Online Portal
Scripps Health is operating under EHR downtime and diverting some critical care after a ransomware attack over the weekend; a third-party incident, employee error, phishing, email hacks, and another Netgain victim complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
23 Apr 2021
4 Healthcare Providers, Vendors Report Data Breaches From 2020
HIPAA requires entities to report data breaches within 60 days of discovery; malware, phishing, an email hack, another Accellion victim, and malware complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
15 Apr 2021
Hackers Steal Data of 200K During CareFirst BlueCross DC Cyberattack
A cyberattack on CareFirst BlueCross in DC, formerly Trusted Health Plans, resulted in the theft of member data; an email hack, ransomware, and malware incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
08 Apr 2021
Ransomware: Extortion Actors Leak Data, Vendor Attack Disrupts Services
Ransomware threat actors have been busy in the last month, posting data from at least nine healthcare providers and attacking a third-party vendor -- leading to care disruptions. Continue Reading
By- Jessica Davis
-
News
08 Apr 2021
586K Trinity Health Patients Added to Accellion Tally, as Lawsuits Pile Up
Accellion is now facing at least 14 lawsuits following a hack and subsequent data theft of its FTA platform. Trinity Health reports more than half a million of its patients were also affected. Continue Reading
By- Jessica Davis
-
News
06 Apr 2021
Accellion Breach Tally for Centene’s Subsidiaries: 1.3M Patients Impacted
The HHS reporting tool shows 1.2M patients of Centene subsidiaries were included in the Accellion FTA hack; a new Netgain victim, vendor incident, and an email hack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
02 Apr 2021
Patient Data from Multiple Providers Leaked in Third-Party GitHub Incident
A new report shows an employee of third-party vendor MedData uploaded troves of patient data from multiple providers onto the public data repository, GitHub Arctic Code Vault. Continue Reading
By- Jessica Davis
-
News
30 Mar 2021
PACS Vulnerability of Orthopedic Specialist Exposes Data From 28K
As previously reported, a PACS vulnerability at Mendelson Kornblum Orthopedic left patient data exposed; an email hack, cyberattacks, and vendor incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
25 Mar 2021
Amazon Sued for Hosting Florida Provider's Stolen Healthcare Data
Florida-based SalusCare has sued Amazon Web Services for hosting healthcare data allegedly stolen from the Florida provider. The lawsuit aims to compel the data’s release. Continue Reading
By- Jessica Davis
-
News
23 Mar 2021
Ransomware Extortion Threat Actors Post Data from 4 Healthcare Entities
Recent dark web postings of data allegedly stolen from healthcare entities show that ransomware extortion threat actors will continue to target healthcare in 2020. Continue Reading
By- Jessica Davis
-
News
18 Mar 2021
Data of 50K PACE Program Patients Stolen from PeakTPA Cloud Servers
NetWalker hackers stole PACE program patient data from Peak PTA's cloud servers; ransomware, more Accellion victims, network hack, phishing, and a misconfiguration complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
11 Mar 2021
Trillium, SIU Medicine Added to Tally of Accellion FTA Breach Victims
Trillium and SIU Medicine reported their data was included in the Accellion FTA exploit; ransomware, email hacks, and insider wrongdoing complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
09 Mar 2021
Over 300K Patients Affected by Elara Caring, Woodcreek Provider Breaches
Elara Caring notified 100,000 individuals of an email hack impacting their data, while a vendor incident involved over 200,000 individuals from Woodcreek Provider Services. Continue Reading
By- Jessica Davis
-
News
04 Mar 2021
100K Patients Impacted by Cochise Eye and Laser Ransomware Attack
Cochise Eye and Laser has continued under EHR downtime after a ransomware hit in mid-January; more ransomware incidents and an email hack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
25 Feb 2021
FBI Finds Data of 79K Gore Medical Patients from 2017 Data Theft
The FBI notified Gore Medical that it found the data belonging to 79,100 patients from 2017 on a third-party computer; a COVID-19 data leak and two email hacks complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
22 Feb 2021
Hospital Recovers from Ransomware; Vendor Incidents Hit Kroger, Provider
A New Mexico hospital is currently recovering from a cyberattack, days after hackers posted data from its affiliate. Kroger and a specialist report vendor-related ransomware incidents. Continue Reading
By- Jessica Davis
-
News
18 Feb 2021
Sutter Buttes Imaging PACS Vulnerability Causes 18 Month Data Breach
A vulnerability in some third-party tech used by Sutter Buttes Imaging in California caused an 18 month data leak; an email hack, ransomware, and a security incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
16 Feb 2021
Ransomware Actors Leak Data From 3 More Healthcare-Related Entities
The Avaddon, Conti, and REvil ransomware threat actors are at it again: this time leaking data from a medical center, health system, and an IT vendor with some healthcare clients. Continue Reading
By- Jessica Davis
-
News
12 Feb 2021
219K Nebraska Medicine Patients Affected by Fall Ransomware Attack
A security incident that drove Nebraska Medicine into EHR downtime potentially led to the theft of some patient data; an email hack, third-party incident, and phishing complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
02 Feb 2021
Actor Exploits Beaumont Health’s COVID-19 Vaccine Scheduling Tool
Beaumont Health was forced to cancel 2,700 COVID-19 vaccine appointments after an actor exploited an app vulnerability; a website hack, vendor-related incident, and a ransomware attack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
01 Feb 2021
Judge Dismisses Brandywine Urology Breach Lawsuit, Citing Lack of Harm
A judge has granted a motion to dismiss a data breach lawsuit against Brandywine Urology Consultants, as the victims failed to provide evidence of actual harm. Continue Reading
By- Jessica Davis
-
News
26 Jan 2021
Cyberattack Drives Okanogan County Public Health IT System Offline
The public health department of Washington’s Okanogan County has been driven offline, after a cyberattack on the government’s infrastructure; a business associate breach and two email hacks complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
26 Jan 2021
Patient Sues Rady Children’s Hospital Over Blackbaud Data Breach
Rady Children’s Hospital in San Diego is being sued by a guardian of a patient whose information was compromised during last year’s hack of Blackbaud, its vendor. Continue Reading
By- Jessica Davis
-
News
19 Jan 2021
COVID-19 Vaccine Data Manipulated Before Leak to Impair Public Trust
The hackers who stole COVID-19 vaccine data last month, modified the information before leaking it online to undermine public trust; email hacks, a security incident, and data extortion complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
13 Jan 2021
Hackers Leak COVID-19 Vaccine Data Stolen During EU Regulator Breach
The COVID-19 vaccine data stolen from an EU regulator in December was leaked online by the hackers; phishing attacks and an email hack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
07 Jan 2021
Minnesota’s Lake Region Healthcare Recovering From Ransomware Attack
A ransomware attack struck Minnesota-based Lake Region Healthcare just before Christmas, resulting in some system disruptions; “activist” data leaks and two email hacks complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
05 Jan 2021
Healthcare Accounts for 79% of All Reported Breaches, Attacks Rise 45%
Reports show a 45 percent spike in attacks against healthcare providers since November, as the sector accounted for 79 percent of all reported data breaches in 2020. Continue Reading
By- Jessica Davis
-
News
29 Dec 2020
484K Aetna ACE Plan Members Impacted by EyeMed Email Hack
The July email hack of EyeMed included data from 484,157 Aetna ACE plan members; data extortion attempts, a ransomware attack, and a business associate phishing incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
16 Dec 2020
Third-Party Vendor Dental Care Alliance Breach Impacts 1M Patients
DCA recently notified some of its clients that a monthlong system hack breached the data of 1M patients; multiple ransomware incidents and two data misconfigurations complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
10 Dec 2020
Pfizer, BioNTech COVID-19 Vaccine Data Breached in EU Regulator Hack
The cyberattack on an EU regulator and subsequent breach of Pfizer and BioNTech COVID-19 Vaccine Data should serve as a warning to the US healthcare sector. Continue Reading
By- Jessica Davis
-
News
09 Dec 2020
UPDATE: The 10 Biggest Healthcare Data Breaches of 2020
Much like in 2019, the biggest healthcare data breach of 2020 was caused by a third-party vendor, while ransomware and other risks dominated the threat landscape. Continue Reading
By- Jessica Davis
-
News
09 Dec 2020
Ransomware Attack on Maryland’s GBMC Health Spurs EHR Downtime
GBMC HealthCare was hit with a ransomware attack on Sunday, driving the Maryland provider into EHR downtime procedures; multiple ransomware incidents, a business associate incident, and more Blackbaud victims complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
01 Dec 2020
AstraZeneca Targeted by Nation-State Actors Via Phishing Attacks, Malware
A Reuters report finds nation-state actors from North Korea sent AstraZeneca’s workforce phishing emails with malware; an email hack, a cyberattack, ransomware, and a server misconfiguration complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
25 Nov 2020
UVM Health Brings EHR Back Online, One Month After Ransomware Attack
The latest ransomware update shows multiple health providers are continuing to operate under EHR downtime procedures following attacks; UVM Health Network restored EHR access. Continue Reading
By- Jessica Davis
-
Answer
19 Nov 2020
UPDATE: Luxottica Data Leaked by Hackers After Ransomware Attack
Luxottica recently faced a ransomware attack and another hack on its appointment scheduling app. But the subsequent notice did not disclose the initial incident, nor that hackers leaked sensitive data. Continue Reading
By- Jessica Davis
-
News
18 Nov 2020
Hackers Hit COVID-19 Biotech Firm, Cold Storage Giant with Cyberattacks
Cold storage giant Americold and Global firm Miltenyi Biotec recently faced cyberattacks; ransomware, an email error, phishing, and an application hack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
11 Nov 2020
‘Security Threat’ Forces Hendrick Health to EHR Downtime Procedures
Hendrick Health in Texas is operating under EHR downtime procedures after detecting a ‘security threat’; ransomware recovery, a third-party incident, more ransomware, phishing, and multiple hacking incidents complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
09 Nov 2020
Ransomware Update: More Data Leaked, NY Health System Recovers
UVM Health has progressed in its ransomware recovery efforts, while St. Lawrence Health restored its network. But three entities were not as successful, as hackers leaked more health data. Continue Reading
By- Jessica Davis
-
News
04 Nov 2020
Mount Locker Ransomware Actors Claim Sonoma Valley Hospital Attack
The actors behind Mount Locker ransomware claim responsibility for the attack on Sonoma Valley Hospital, leaking 75GB of alleged data from the provider; email hacking, another Blackbaud victim, and a phishing incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
03 Nov 2020
5 Providers Still in Downtime, as Sky Lakes Confirms Ryuk Ransomware
Sky Lakes Medical Center confirmed it was hit by Ryuk ransomware, while at least five major providers remain in EHR downtime – some for more than a week amid the COVID-19 crisis. Continue Reading
By- Jessica Davis
-
Answer
29 Oct 2020
Ransomware Wave Hits Healthcare, as 3 Providers Report EHR Downtime
A joint alert from HHS, DHS CISA, and the FBI warn of an imminent wave of ransomware attacks, including Ryuk, as three providers deal with IT disruptions under EHR downtime. Continue Reading
By- Jessica Davis
-
News
27 Oct 2020
Security Incident Drives Sonoma Valley Hospital to EHR Downtime
California-based Sonoma Valley Hospital is currently recovering from a security incident and operating under EHR downtime procedures; a hacking incident, phishing attack, and another Blackbaud breach victim complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
20 Oct 2020
Ransomware Attack Hits Dickinson County Health, Spurs EHR Downtime
Dickinson County Health in Michigan is currently operating under EHR downtime procedures after being hit with a ransomware attack; ransomware threat actors post more health data and additional Blackbaud victims complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
13 Oct 2020
3 Weeks After Ransomware Attack, All 400 UHS Systems Back Online
The UHS IT team brough all 400 US health system sites back online, following a massive ransomware attack; a phishing attack, an email hack, and another ransomware attack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
05 Oct 2020
UPDATE: UHS Health System Confirms All US Sites Affected by Ransomware Attack
In an Oct. 3 update, the UHS health system confirms all US sites were impacted by the ransomware attack that struck more than a week ago; phishing incidents and more ransomware attacks complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
Answer
29 Sep 2020
Ransomware Spurs EHR Downtime at UHS Health System, 3 More Providers
Multiple hospitals owned by the Universal Health Services health system are experiencing EHR downtime due to a suspected ransomware attack, joining three other providers responding to “security events.” Continue Reading
By- Jessica Davis
-
Answer
17 Sep 2020
Ransomware Hacking Groups Post Data from 5 Healthcare Entities
NetWalker, REvil, SunCrypt, and Pysa, or Mespinoza, ransomware hacking groups posted data allegedly stolen from five healthcare entities in recent weeks to blackmail them into paying the ransom. Continue Reading
By- Jessica Davis
-
News
14 Sep 2020
1M Inova Health Individuals Added to Blackbaud Breach Victim Tally
Over 1 million individuals from Inova Health and several other providers were added to the Blackbaud breach victim tally; an email hack, and a cyberattack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
08 Sep 2020
Assured Imaging Ransomware Causes Data Theft Affecting 245K Patients
A ransomware attack on Assured Imaging’s EMR allowed some patient data to be exfiltrated; Blackbaud ransomware attack adds 708,690 more individuals, threat actors post more patient data, and a phishing incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
31 Aug 2020
112K Patients Impacted by Utah Pathology Services Email Hack
A hacker attempted to redirect funds from Utah Pathology Services after breaching an employee email account; patient data leaked by threat actors and another ransomware incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
24 Aug 2020
Ransomware Attack Impacts Medical Debt Collections Firm R1 RCM
R1 RCM, one of the largest US medical debt collections firms, recently took down its systems in response to a ransomware attack; an email hack, ransomware, malware, and COVID-19 patient data complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
18 Aug 2020
Blackbaud Ransomware Hack Affects 657K Maine Health System Donors
A Blackbaud ransomware attack breached the data of 657,392 donors to Northern Light Health Foundation and other entities; malware, a phishing incident, and another ransomware attack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
17 Aug 2020
9 GitHub Repositories Found Leaking Health Data from Over 150K Patients
A new collaborative report from Jelle Ursem and DataBreaches.net found nine GitHub repositories were routinely leaking a trove of protected health information from at least 150,000 patients. Continue Reading
By- Jessica Davis
-
News
10 Aug 2020
Ransomware Hackers Post Data From 2 Providers, Device Manufacturer
NetWalker and DoppelPaymer ransomware actors posted data online from a device manufacturer and two providers; email hacks, malware, and a phishing incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
03 Aug 2020
Moderna COVID-19 Vaccine Data Targeted by Nation-State Hackers
Hackers tied to China targeted the COVID-19 vaccine research developer Moderna in an effort to steal data; ransomware, records theft, and an employee email hack completes this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
27 Jul 2020
National Cardiovascular Partners Email Hack Impacts 78K Patients
A hacker gained access to the email account of an employee of National Cardiovascular Partners for nearly a month; a phishing incident, ransomware, and medical record theft completes this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
21 Jul 2020
Lorien Health Services Ransomware Attack Impacts 48K Patients
NetWalker ransomware hackers claim to have stolen data from Lorien Health Services before launching a cyberattack; an email error, email hack, and business associate incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
13 Jul 2020
274K Patients Impacted by Benefit Recovery Specialists Credential Hack
A hacker obtained the credentials of a Benefit Recovery Specialists’ employee to gain access to the insurer’s systems and deploy malware; a business associate breach and email hacks complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
08 Jul 2020
UPDATE: The 10 Biggest Healthcare Data Breaches of 2020, So Far
Despite the COVID-19 crisis, phishing campaigns, mishandled health record disposals, and sophisticated cyberattacks are behind some of the biggest healthcare data breaches of 2020. Continue Reading
By- Jessica Davis
-
News
07 Jul 2020
Magellan Health Data Breach Victim Tally Reaches 365K Patients
The tally of breach victims impacted by an April ransomware attack on Magellan Health has been reported to HHS as impacting over 365,000 patients; member portal breaches and another ransomware attack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
30 Jun 2020
American Medical Tech Reports 2019 Email Hack Impacting 47K Patients
American Medical Technologies is just now reporting a breach discovered in 2019 impacting more than 47,000 patients; ransomware attacks, email hacks, and a COVID-19 dashboard incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
22 Jun 2020
Care New England Resolves Weeklong Cyberattack Impacting Servers
Care New England has been investigating a cyberattack on its systems for nearly a week, which shut down its website: ransomware hackers post healthcare data, a phishing incident, and email hack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
15 Jun 2020
Cano Health Reports 2-Year Email Hack Impacting Patient Data
First discovered in April, hackers breached three Cano Health employee email accounts for a two-year period; two ransomware attacks complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
08 Jun 2020
Cyberciminals Access PHI, Steal Gift Cards from Kentucky Health Plan
Hackers were able to access protected health information and fraudulently obtain gift cards from the Kentucky Employees’ Health Plan; multiple insider incidents and improper records disposal complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
02 Jun 2020
Hackers Access PHI During Mat-Su Surgical Ransomware Attack
Arkansas-based Mat-Su Surgical is notifying 13,146 patients that a hacker accessed their PHI during a ransomware attack in March; a website configuration error and another ransomware attack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
19 May 2020
30K Patients Impacted in Ohio Business Associate Breach from 2019
Several employee email accounts of Ohio business associate MNS were hacked in 2019; a phishing campaign and two insider incidents complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
13 May 2020
Ransomware Attack on Magellan Health Results in Data Exfiltration
Magellan Health, a Fortune 500 company, reports hackers exfiltrated data from its systems before launching a ransomware attack; a “sophisticated cybersecurity incident” and another ransomware attack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
06 May 2020
Maze Ransomware Hackers Post Patient Data Stolen from 2 Providers
Despite assurances healthcare providers were off-limits during COVID-19, Maze ransomware hackers post patient data stolen from two covered entities; a separate phishing attack completes this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
28 Apr 2020
Ransomware Shuts Down Colorado Hospital IT Network Amid COVID-19
Parkview Medical Center is continuing to recover from a ransomware attack that shut down its IT network over a week ago; another ransomware attack and an email hack complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
21 Apr 2020
Beaumont Health Reports 2019 Data Breach Impacting 114K Patients
Hackers gained access to several Beaumont Health employee email accounts for a week in 2019; Maze ransomware, phishing incidents, and other ransomware incidents complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
14 Apr 2020
Ransomware Attack on Brandywine Urology Impacts 131K Patients
Brandywine Urology Consultants in Delaware is investigating a January ransomware attack; a business associate incident, phishing, an email hack, and another ransomware event complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
08 Apr 2020
Another COVID-19 Research Firm Targeted by Ransomware Attack
Hackers hit biotech research firm 10x Genomics with a ransomware attack amid work on potential COVID-19 treatments; two email security hacks complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
25 Mar 2020
140K Patients Impacted in Tandem Diabetes Care Phishing Attack
Several Tandem Diabetes employee email accounts were comprised during a three-day period after a phishing attack; an insider incident, email hack, and more phishing complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
Answer
24 Mar 2020
Hackers Target WHO, COVID-19 Research Firm with Cyberattacks
Hackers unsuccessfully attempted to breach the network of WHO, while Maze ransomware hackers published sensitive data from a medical research firm on standby to work on a COVID-19 vaccine. Continue Reading
By- Jessica Davis
-
News
16 Mar 2020
Illinois Public Health Website Hit With Ransomware Amid Coronavirus
Hackers infected an Illinois Public Health provider website with ransomware during the coronavirus pandemic; Maze Team exploits, phishing, malware, and a PACS incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
09 Mar 2020
Monthlong Cyberattack Disrupts Operations at UKentucky Health
The University of Kentucky and its health system have been working to remove cryptocurrency malware from its systems; another cyberattack, phishing attacks, and ransomware complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
26 Feb 2020
Accounting Firm Ransomware Hack Affects Community Care Patient Data
Maze hackers infected accounting firm BST with malware, which likely compromised patient data from Community Care Physicians; email compromises, computer hack, and a phishing incident complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
21 Feb 2020
UW Medicine Hit with Lawsuit for Breach Impacting 974K Patients
About 974,000 UW Medicine patients were impacted by a breach caused by a misconfiguration error that lasted for several weeks; the lawsuit claims the health system did not provide accurate notice. Continue Reading
By- Jessica Davis
-
News
20 Feb 2020
109K Patient Records Impacted in Overlake Medical Phishing Attack
Several Overlake Medical employees fell victim to phishing attacks, which provided attackers with account access; an email hack, updated breach reports, and ransomware complete this week’s breach roundup. Continue Reading
By- Jessica Davis
-
News
19 Feb 2020
Over 41.4M Patient Records Breached in 2019, as Hacking Jumped 49%
The Protenus Breach Barometer shows over 41.4 million patient records were exposed by 572 security incidents in 2019, while hacking incidents surged and insider-related events decreased. Continue Reading
By- Jessica Davis
-
News
12 Feb 2020
Malware Attack Hits Boston Children’s Hospital Physician Group
A physician group affiliated with Boston Children’s Hospital is experiencing a system outage caused by malware; email hacks, phishing, and database misconfiguration complete this week’s breach roundup. Continue Reading
By- Jessica Davis