Healthcare data breaches

Healthcare data breaches can result from hacking, data theft, loss or unauthorized access. Whatever the cause, these breaches can potentially jeopardize patient privacy by exposing protected health information. Understanding the latest data breach patterns can help healthcare organizations mitigate risk.

Top Stories

News 07 Nov 2024
Kaiser Permanente reports email data breach

Recent healthcare cybersecurity incidents include an email data breach that affected Kaiser Permanente and a ransomware attack against a small rural healthcare provider. Continue Reading
By
- Jill McKeon, Associate Editor
News 17 Oct 2024
BianLian cyberattack hits Boston Children's Health Physicians

BianLian cyberthreat actors claimed responsibility for a cyberattack and data breach that affected Boston Children's Health Physicians through its IT vendor. Continue Reading
By
- Jill McKeon, Associate Editor

News 23 Jun 2021
Scripps Health Ransomware Attack Leads to Class-Action Lawsuits

Scripps Health is facing two class-action lawsuits in light of a recent ransomware attack that plaintiffs say was preventable. Continue Reading
By
- Jill McKeon, Associate Editor
News 22 Jun 2021
Ohio Medicaid Reports Provider Data Leak, Other Health Data Breaches

Recent health data breaches led to PII exposure for Ohio Medicaid providers, Catholic Health patients, and a Georgia fertility clinic’s patients. Continue Reading
By
- Jill McKeon, Associate Editor
News 22 Jun 2021
Insight Global Calls on Former Employees to Secure PII Data Breach

Fired PA contractor Insight Global asked former employees to secure documents from its contact tracing program months after its PII data breach was supposedly secured. Continue Reading
By
- Jill McKeon, Associate Editor
News 21 Jun 2021
St. Joseph’s/Candler Suffers Ransomware Attack, EHR Downtime

Computers are still down after St. Joseph’s/Candler in Savannah, Georgia experienced a ransomware attack on June 17th, causing EHR downtime. Continue Reading
By
- Jill McKeon, Associate Editor
News 21 Jun 2021
CVS Health Faces Data Breach,1B Search Records Exposed

Over 1 billion search records were accidentally posted online in a CVS Health data breach in late March, as reported by an independent cybersecurity researcher. Continue Reading
By
- Jill McKeon, Associate Editor
News 21 Jun 2021
UF Health Cyberattack Now Affecting Patient Care

A May 31st cyberattack on UF Health led to EHR downtime, but employees are now reporting additional negative impacts on patient care. Continue Reading
By
- Jill McKeon, Associate Editor
News 16 Jun 2021
CaptureRx Data Breach Hits MetroHealth System, 16 Others

A CaptureRx data breach impacted MetroHealth System and 16 other healthcare organizations with ransomware that exposed the health data of over a million patients. Continue Reading
By
- Jill McKeon, Associate Editor
News 15 Jun 2021
Elekta Data Breach Leaks Patient Info at Oklahoma Cancer Center

Cancer Centers of Southwest Oklahoma revealed that patient information may have been exposed through an Elekta data breach of over 40 healthcare sites in April. Continue Reading
By
- Jill McKeon, Associate Editor
News 11 Jun 2021
Phishing Attack on Five Rivers Health Impacts Data of 156K Patients

Five Rivers Health Centers found a phishing attack led to a two-month long system hack last year; a systems hack, more phishing, and a vendor incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 07 Jun 2021
Cyberattack Drives 2 UF Health Hospitals to EHR Downtime

Reports show UF Health in Central Florida leadership is looking into a cyberattack against two of its hospitals, while operating under EHR downtime procedures. Continue Reading
By
- Jessica Davis
News 03 Jun 2021
Data of 3.3M 20/20 Hearing Care Patients Hacked From Cloud Database

The 20/20 Hearing Care Network found an actor hacked into its AWS cloud database and deleted patient data; ransomware, a system hack, yet another Netgain breach victim, and a data security incident, complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 26 May 2021
207K Rehoboth McKinley Patients Tied to Conti Ransomware, Data Leak

Rehoboth McKinley Christian Health notifies patients, after Conti ransomware actors leaked their data two months ago; CaptureRx breach, data leak, a programming error, an email hack, and Netgain victims, complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 24 May 2021
Cyberattack Updates: Alaska Health Dept, Scripps' Recovery, Ireland HSE

As ransomware continues to disrupt the healthcare sector on a global level, a number of providers are facing ongoing outages, while a vendor is creating a decryptor for Ireland HSE. Continue Reading
By
- Jessica Davis
News 18 May 2021
Allergy Partners: Data Stolen During Ransomware Attack, EHR Outage

After a ransomware attack and EHR outage in February, Allergy Partners found the actors exfiltrated data; more data theft, a server misconfiguration, and PACS exposure complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 18 May 2021
Healthcare Ransomware Outages: Scripps, Ireland HSE, and NZ Hospitals

In the last few weeks, ransomware attacks on the healthcare sector have led to system outages and EHR downtime at Scripps Health, New Zealand hospitals, and Ireland's health system. Continue Reading
By
- Jessica Davis
News 10 May 2021
Scripps Health EHR, Patient Portal Still Down After Ransomware Attack

After a ransomware attack on May 1, some technical services remain down at Scripps Health, including the EHR, website, and patient portal; more ransomware, vendor incidents, and an email hack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
Answer 03 May 2021
Ransomware Hits Scripps Health, Disrupting Critical Care, Online Portal

Scripps Health is operating under EHR downtime and diverting some critical care after a ransomware attack over the weekend; a third-party incident, employee error, phishing, email hacks, and another Netgain victim complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 23 Apr 2021
4 Healthcare Providers, Vendors Report Data Breaches From 2020

HIPAA requires entities to report data breaches within 60 days of discovery; malware, phishing, an email hack, another Accellion victim, and malware complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 15 Apr 2021
Hackers Steal Data of 200K During CareFirst BlueCross DC Cyberattack

A cyberattack on CareFirst BlueCross in DC, formerly Trusted Health Plans, resulted in the theft of member data; an email hack, ransomware, and malware incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 08 Apr 2021
Ransomware: Extortion Actors Leak Data, Vendor Attack Disrupts Services

Ransomware threat actors have been busy in the last month, posting data from at least nine healthcare providers and attacking a third-party vendor -- leading to care disruptions. Continue Reading
By
- Jessica Davis
News 08 Apr 2021
586K Trinity Health Patients Added to Accellion Tally, as Lawsuits Pile Up

Accellion is now facing at least 14 lawsuits following a hack and subsequent data theft of its FTA platform. Trinity Health reports more than half a million of its patients were also affected. Continue Reading
By
- Jessica Davis
News 06 Apr 2021
Accellion Breach Tally for Centene’s Subsidiaries: 1.3M Patients Impacted

The HHS reporting tool shows 1.2M patients of Centene subsidiaries were included in the Accellion FTA hack; a new Netgain victim, vendor incident, and an email hack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 02 Apr 2021
Patient Data from Multiple Providers Leaked in Third-Party GitHub Incident

A new report shows an employee of third-party vendor MedData uploaded troves of patient data from multiple providers onto the public data repository, GitHub Arctic Code Vault. Continue Reading
By
- Jessica Davis
News 30 Mar 2021
PACS Vulnerability of Orthopedic Specialist Exposes Data From 28K

As previously reported, a PACS vulnerability at Mendelson Kornblum Orthopedic left patient data exposed; an email hack, cyberattacks, and vendor incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 25 Mar 2021
Amazon Sued for Hosting Florida Provider's Stolen Healthcare Data

Florida-based SalusCare has sued Amazon Web Services for hosting healthcare data allegedly stolen from the Florida provider. The lawsuit aims to compel the data’s release. Continue Reading
By
- Jessica Davis
News 23 Mar 2021
Ransomware Extortion Threat Actors Post Data from 4 Healthcare Entities

Recent dark web postings of data allegedly stolen from healthcare entities show that ransomware extortion threat actors will continue to target healthcare in 2020. Continue Reading
By
- Jessica Davis
News 18 Mar 2021
Data of 50K PACE Program Patients Stolen from PeakTPA Cloud Servers

NetWalker hackers stole PACE program patient data from Peak PTA's cloud servers; ransomware, more Accellion victims, network hack, phishing, and a misconfiguration complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 11 Mar 2021
Trillium, SIU Medicine Added to Tally of Accellion FTA Breach Victims

Trillium and SIU Medicine reported their data was included in the Accellion FTA exploit; ransomware, email hacks, and insider wrongdoing complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 09 Mar 2021
Over 300K Patients Affected by Elara Caring, Woodcreek Provider Breaches

Elara Caring notified 100,000 individuals of an email hack impacting their data, while a vendor incident involved over 200,000 individuals from Woodcreek Provider Services. Continue Reading
By
- Jessica Davis
News 04 Mar 2021
100K Patients Impacted by Cochise Eye and Laser Ransomware Attack

Cochise Eye and Laser has continued under EHR downtime after a ransomware hit in mid-January; more ransomware incidents and an email hack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 25 Feb 2021
FBI Finds Data of 79K Gore Medical Patients from 2017 Data Theft

The FBI notified Gore Medical that it found the data belonging to 79,100 patients from 2017 on a third-party computer; a COVID-19 data leak and two email hacks complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 22 Feb 2021
Hospital Recovers from Ransomware; Vendor Incidents Hit Kroger, Provider

A New Mexico hospital is currently recovering from a cyberattack, days after hackers posted data from its affiliate. Kroger and a specialist report vendor-related ransomware incidents. Continue Reading
By
- Jessica Davis
News 18 Feb 2021
Sutter Buttes Imaging PACS Vulnerability Causes 18 Month Data Breach

A vulnerability in some third-party tech used by Sutter Buttes Imaging in California caused an 18 month data leak; an email hack, ransomware, and a security incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 16 Feb 2021
Ransomware Actors Leak Data From 3 More Healthcare-Related Entities

The Avaddon, Conti, and REvil ransomware threat actors are at it again: this time leaking data from a medical center, health system, and an IT vendor with some healthcare clients. Continue Reading
By
- Jessica Davis
News 12 Feb 2021
219K Nebraska Medicine Patients Affected by Fall Ransomware Attack

A security incident that drove Nebraska Medicine into EHR downtime potentially led to the theft of some patient data; an email hack, third-party incident, and phishing complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 02 Feb 2021
Actor Exploits Beaumont Health’s COVID-19 Vaccine Scheduling Tool

Beaumont Health was forced to cancel 2,700 COVID-19 vaccine appointments after an actor exploited an app vulnerability; a website hack, vendor-related incident, and a ransomware attack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 01 Feb 2021
Judge Dismisses Brandywine Urology Breach Lawsuit, Citing Lack of Harm

A judge has granted a motion to dismiss a data breach lawsuit against Brandywine Urology Consultants, as the victims failed to provide evidence of actual harm. Continue Reading
By
- Jessica Davis
News 26 Jan 2021
Cyberattack Drives Okanogan County Public Health IT System Offline

The public health department of Washington’s Okanogan County has been driven offline, after a cyberattack on the government’s infrastructure; a business associate breach and two email hacks complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 26 Jan 2021
Patient Sues Rady Children’s Hospital Over Blackbaud Data Breach

Rady Children’s Hospital in San Diego is being sued by a guardian of a patient whose information was compromised during last year’s hack of Blackbaud, its vendor. Continue Reading
By
- Jessica Davis
News 19 Jan 2021
COVID-19 Vaccine Data Manipulated Before Leak to Impair Public Trust

The hackers who stole COVID-19 vaccine data last month, modified the information before leaking it online to undermine public trust; email hacks, a security incident, and data extortion complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 13 Jan 2021
Hackers Leak COVID-19 Vaccine Data Stolen During EU Regulator Breach

The COVID-19 vaccine data stolen from an EU regulator in December was leaked online by the hackers; phishing attacks and an email hack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 07 Jan 2021
Minnesota’s Lake Region Healthcare Recovering From Ransomware Attack

A ransomware attack struck Minnesota-based Lake Region Healthcare just before Christmas, resulting in some system disruptions; “activist” data leaks and two email hacks complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 05 Jan 2021
Healthcare Accounts for 79% of All Reported Breaches, Attacks Rise 45%

Reports show a 45 percent spike in attacks against healthcare providers since November, as the sector accounted for 79 percent of all reported data breaches in 2020. Continue Reading
By
- Jessica Davis
News 29 Dec 2020
484K Aetna ACE Plan Members Impacted by EyeMed Email Hack

The July email hack of EyeMed included data from 484,157 Aetna ACE plan members; data extortion attempts, a ransomware attack, and a business associate phishing incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 16 Dec 2020
Third-Party Vendor Dental Care Alliance Breach Impacts 1M Patients

DCA recently notified some of its clients that a monthlong system hack breached the data of 1M patients; multiple ransomware incidents and two data misconfigurations complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 10 Dec 2020
Pfizer, BioNTech COVID-19 Vaccine Data Breached in EU Regulator Hack

The cyberattack on an EU regulator and subsequent breach of Pfizer and BioNTech COVID-19 Vaccine Data should serve as a warning to the US healthcare sector. Continue Reading
By
- Jessica Davis
News 09 Dec 2020
UPDATE: The 10 Biggest Healthcare Data Breaches of 2020

Much like in 2019, the biggest healthcare data breach of 2020 was caused by a third-party vendor, while ransomware and other risks dominated the threat landscape. Continue Reading
By
- Jessica Davis
News 09 Dec 2020
Ransomware Attack on Maryland’s GBMC Health Spurs EHR Downtime

GBMC HealthCare was hit with a ransomware attack on Sunday, driving the Maryland provider into EHR downtime procedures; multiple ransomware incidents, a business associate incident, and more Blackbaud victims complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 01 Dec 2020
AstraZeneca Targeted by Nation-State Actors Via Phishing Attacks, Malware

A Reuters report finds nation-state actors from North Korea sent AstraZeneca’s workforce phishing emails with malware; an email hack, a cyberattack, ransomware, and a server misconfiguration complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 25 Nov 2020
UVM Health Brings EHR Back Online, One Month After Ransomware Attack

The latest ransomware update shows multiple health providers are continuing to operate under EHR downtime procedures following attacks; UVM Health Network restored EHR access. Continue Reading
By
- Jessica Davis
Answer 19 Nov 2020
UPDATE: Luxottica Data Leaked by Hackers After Ransomware Attack

Luxottica recently faced a ransomware attack and another hack on its appointment scheduling app. But the subsequent notice did not disclose the initial incident, nor that hackers leaked sensitive data. Continue Reading
By
- Jessica Davis
News 18 Nov 2020
Hackers Hit COVID-19 Biotech Firm, Cold Storage Giant with Cyberattacks

Cold storage giant Americold and Global firm Miltenyi Biotec recently faced cyberattacks; ransomware, an email error, phishing, and an application hack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 11 Nov 2020
‘Security Threat’ Forces Hendrick Health to EHR Downtime Procedures

Hendrick Health in Texas is operating under EHR downtime procedures after detecting a ‘security threat’; ransomware recovery, a third-party incident, more ransomware, phishing, and multiple hacking incidents complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 09 Nov 2020
Ransomware Update: More Data Leaked, NY Health System Recovers

UVM Health has progressed in its ransomware recovery efforts, while St. Lawrence Health restored its network. But three entities were not as successful, as hackers leaked more health data. Continue Reading
By
- Jessica Davis
News 04 Nov 2020
Mount Locker Ransomware Actors Claim Sonoma Valley Hospital Attack

The actors behind Mount Locker ransomware claim responsibility for the attack on Sonoma Valley Hospital, leaking 75GB of alleged data from the provider; email hacking, another Blackbaud victim, and a phishing incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 03 Nov 2020
5 Providers Still in Downtime, as Sky Lakes Confirms Ryuk Ransomware

Sky Lakes Medical Center confirmed it was hit by Ryuk ransomware, while at least five major providers remain in EHR downtime – some for more than a week amid the COVID-19 crisis. Continue Reading
By
- Jessica Davis
Answer 29 Oct 2020
Ransomware Wave Hits Healthcare, as 3 Providers Report EHR Downtime

A joint alert from HHS, DHS CISA, and the FBI warn of an imminent wave of ransomware attacks, including Ryuk, as three providers deal with IT disruptions under EHR downtime. Continue Reading
By
- Jessica Davis
News 27 Oct 2020
Security Incident Drives Sonoma Valley Hospital to EHR Downtime

California-based Sonoma Valley Hospital is currently recovering from a security incident and operating under EHR downtime procedures; a hacking incident, phishing attack, and another Blackbaud breach victim complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 20 Oct 2020
Ransomware Attack Hits Dickinson County Health, Spurs EHR Downtime

Dickinson County Health in Michigan is currently operating under EHR downtime procedures after being hit with a ransomware attack; ransomware threat actors post more health data and additional Blackbaud victims complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 13 Oct 2020
3 Weeks After Ransomware Attack, All 400 UHS Systems Back Online

The UHS IT team brough all 400 US health system sites back online, following a massive ransomware attack; a phishing attack, an email hack, and another ransomware attack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 05 Oct 2020
UPDATE: UHS Health System Confirms All US Sites Affected by Ransomware Attack

In an Oct. 3 update, the UHS health system confirms all US sites were impacted by the ransomware attack that struck more than a week ago; phishing incidents and more ransomware attacks complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
Answer 29 Sep 2020
Ransomware Spurs EHR Downtime at UHS Health System, 3 More Providers

Multiple hospitals owned by the Universal Health Services health system are experiencing EHR downtime due to a suspected ransomware attack, joining three other providers responding to “security events.” Continue Reading
By
- Jessica Davis
Answer 17 Sep 2020
Ransomware Hacking Groups Post Data from 5 Healthcare Entities

NetWalker, REvil, SunCrypt, and Pysa, or Mespinoza, ransomware hacking groups posted data allegedly stolen from five healthcare entities in recent weeks to blackmail them into paying the ransom. Continue Reading
By
- Jessica Davis
News 14 Sep 2020
1M Inova Health Individuals Added to Blackbaud Breach Victim Tally

Over 1 million individuals from Inova Health and several other providers were added to the Blackbaud breach victim tally; an email hack, and a cyberattack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 08 Sep 2020
Assured Imaging Ransomware Causes Data Theft Affecting 245K Patients

A ransomware attack on Assured Imaging’s EMR allowed some patient data to be exfiltrated; Blackbaud ransomware attack adds 708,690 more individuals, threat actors post more patient data, and a phishing incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 31 Aug 2020
112K Patients Impacted by Utah Pathology Services Email Hack

A hacker attempted to redirect funds from Utah Pathology Services after breaching an employee email account; patient data leaked by threat actors and another ransomware incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 24 Aug 2020
Ransomware Attack Impacts Medical Debt Collections Firm R1 RCM

R1 RCM, one of the largest US medical debt collections firms, recently took down its systems in response to a ransomware attack; an email hack, ransomware, malware, and COVID-19 patient data complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 18 Aug 2020
Blackbaud Ransomware Hack Affects 657K Maine Health System Donors

A Blackbaud ransomware attack breached the data of 657,392 donors to Northern Light Health Foundation and other entities; malware, a phishing incident, and another ransomware attack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 17 Aug 2020
9 GitHub Repositories Found Leaking Health Data from Over 150K Patients

A new collaborative report from Jelle Ursem and DataBreaches.net found nine GitHub repositories were routinely leaking a trove of protected health information from at least 150,000 patients. Continue Reading
By
- Jessica Davis
News 10 Aug 2020
Ransomware Hackers Post Data From 2 Providers, Device Manufacturer

NetWalker and DoppelPaymer ransomware actors posted data online from a device manufacturer and two providers; email hacks, malware, and a phishing incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 03 Aug 2020
Moderna COVID-19 Vaccine Data Targeted by Nation-State Hackers

Hackers tied to China targeted the COVID-19 vaccine research developer Moderna in an effort to steal data; ransomware, records theft, and an employee email hack completes this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 27 Jul 2020
National Cardiovascular Partners Email Hack Impacts 78K Patients

A hacker gained access to the email account of an employee of National Cardiovascular Partners for nearly a month; a phishing incident, ransomware, and medical record theft completes this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 21 Jul 2020
Lorien Health Services Ransomware Attack Impacts 48K Patients

NetWalker ransomware hackers claim to have stolen data from Lorien Health Services before launching a cyberattack; an email error, email hack, and business associate incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 13 Jul 2020
274K Patients Impacted by Benefit Recovery Specialists Credential Hack

A hacker obtained the credentials of a Benefit Recovery Specialists’ employee to gain access to the insurer’s systems and deploy malware; a business associate breach and email hacks complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 08 Jul 2020
UPDATE: The 10 Biggest Healthcare Data Breaches of 2020, So Far

Despite the COVID-19 crisis, phishing campaigns, mishandled health record disposals, and sophisticated cyberattacks are behind some of the biggest healthcare data breaches of 2020. Continue Reading
By
- Jessica Davis
News 07 Jul 2020
Magellan Health Data Breach Victim Tally Reaches 365K Patients

The tally of breach victims impacted by an April ransomware attack on Magellan Health has been reported to HHS as impacting over 365,000 patients; member portal breaches and another ransomware attack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 30 Jun 2020
American Medical Tech Reports 2019 Email Hack Impacting 47K Patients

American Medical Technologies is just now reporting a breach discovered in 2019 impacting more than 47,000 patients; ransomware attacks, email hacks, and a COVID-19 dashboard incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 22 Jun 2020
Care New England Resolves Weeklong Cyberattack Impacting Servers

Care New England has been investigating a cyberattack on its systems for nearly a week, which shut down its website: ransomware hackers post healthcare data, a phishing incident, and email hack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 15 Jun 2020
Cano Health Reports 2-Year Email Hack Impacting Patient Data

First discovered in April, hackers breached three Cano Health employee email accounts for a two-year period; two ransomware attacks complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 08 Jun 2020
Cyberciminals Access PHI, Steal Gift Cards from Kentucky Health Plan

Hackers were able to access protected health information and fraudulently obtain gift cards from the Kentucky Employees’ Health Plan; multiple insider incidents and improper records disposal complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 02 Jun 2020
Hackers Access PHI During Mat-Su Surgical Ransomware Attack

Arkansas-based Mat-Su Surgical is notifying 13,146 patients that a hacker accessed their PHI during a ransomware attack in March; a website configuration error and another ransomware attack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 19 May 2020
30K Patients Impacted in Ohio Business Associate Breach from 2019

Several employee email accounts of Ohio business associate MNS were hacked in 2019; a phishing campaign and two insider incidents complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 13 May 2020
Ransomware Attack on Magellan Health Results in Data Exfiltration

Magellan Health, a Fortune 500 company, reports hackers exfiltrated data from its systems before launching a ransomware attack; a “sophisticated cybersecurity incident” and another ransomware attack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 06 May 2020
Maze Ransomware Hackers Post Patient Data Stolen from 2 Providers

Despite assurances healthcare providers were off-limits during COVID-19, Maze ransomware hackers post patient data stolen from two covered entities; a separate phishing attack completes this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 28 Apr 2020
Ransomware Shuts Down Colorado Hospital IT Network Amid COVID-19

Parkview Medical Center is continuing to recover from a ransomware attack that shut down its IT network over a week ago; another ransomware attack and an email hack complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 21 Apr 2020
Beaumont Health Reports 2019 Data Breach Impacting 114K Patients

Hackers gained access to several Beaumont Health employee email accounts for a week in 2019; Maze ransomware, phishing incidents, and other ransomware incidents complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 14 Apr 2020
Ransomware Attack on Brandywine Urology Impacts 131K Patients

Brandywine Urology Consultants in Delaware is investigating a January ransomware attack; a business associate incident, phishing, an email hack, and another ransomware event complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 08 Apr 2020
Another COVID-19 Research Firm Targeted by Ransomware Attack

Hackers hit biotech research firm 10x Genomics with a ransomware attack amid work on potential COVID-19 treatments; two email security hacks complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 25 Mar 2020
140K Patients Impacted in Tandem Diabetes Care Phishing Attack

Several Tandem Diabetes employee email accounts were comprised during a three-day period after a phishing attack; an insider incident, email hack, and more phishing complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
Answer 24 Mar 2020
Hackers Target WHO, COVID-19 Research Firm with Cyberattacks

Hackers unsuccessfully attempted to breach the network of WHO, while Maze ransomware hackers published sensitive data from a medical research firm on standby to work on a COVID-19 vaccine. Continue Reading
By
- Jessica Davis
News 16 Mar 2020
Illinois Public Health Website Hit With Ransomware Amid Coronavirus

Hackers infected an Illinois Public Health provider website with ransomware during the coronavirus pandemic; Maze Team exploits, phishing, malware, and a PACS incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 09 Mar 2020
Monthlong Cyberattack Disrupts Operations at UKentucky Health

The University of Kentucky and its health system have been working to remove cryptocurrency malware from its systems; another cyberattack, phishing attacks, and ransomware complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 26 Feb 2020
Accounting Firm Ransomware Hack Affects Community Care Patient Data

Maze hackers infected accounting firm BST with malware, which likely compromised patient data from Community Care Physicians; email compromises, computer hack, and a phishing incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 21 Feb 2020
UW Medicine Hit with Lawsuit for Breach Impacting 974K Patients

About 974,000 UW Medicine patients were impacted by a breach caused by a misconfiguration error that lasted for several weeks; the lawsuit claims the health system did not provide accurate notice. Continue Reading
By
- Jessica Davis
News 20 Feb 2020
109K Patient Records Impacted in Overlake Medical Phishing Attack

Several Overlake Medical employees fell victim to phishing attacks, which provided attackers with account access; an email hack, updated breach reports, and ransomware complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 19 Feb 2020
Over 41.4M Patient Records Breached in 2019, as Hacking Jumped 49%

The Protenus Breach Barometer shows over 41.4 million patient records were exposed by 572 security incidents in 2019, while hacking incidents surged and insider-related events decreased. Continue Reading
By
- Jessica Davis
News 12 Feb 2020
Malware Attack Hits Boston Children’s Hospital Physician Group

A physician group affiliated with Boston Children’s Hospital is experiencing a system outage caused by malware; email hacks, phishing, and database misconfiguration complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 06 Feb 2020
Computer Theft Exposes Personal, Health Data of 654K Oregon Patients

A laptop owned by the transportation vendor of Health Share of Oregon was stolen, exposing the personal and health data of 654,000 patients. Continue Reading
By
- Jessica Davis
News 04 Feb 2020
Malware Destroys Data of 30,000 Fondren Orthopedic Patients

A malware incident damaged some Fondren Orthopedic medical records; ransomware, business email compromise, an email gaffe, phishing, and a payroll security incident complete this week’s breach roundup. Continue Reading
By
- Jessica Davis
News 28 Jan 2020
Health Data, Medical Documents Exposed by LabCorp Website Error

TechCrunch found the back-end of LabCorp’s internal customer relationship management system exposing patient health data; several phishing attacks complete this week’s breach roundup. Continue Reading
By
- Jessica Davis