HIPAA Breach News

A ransomware attack on Hospital Caribbean Medical Center in Puerto Rico has affected up to 92,000 individuals. Data breaches have...

North Texas Behavioral Health Authority (NTBHA), a provider of mental health and substance use treatment and services in Dallas, Ellis,...

Saint Anthony Hospital, a nonprofit, faith-based, acute care, community hospital in Chicago, has started notifying individuals about unauthorized access and/or...

Data breaches have been announced by the California psychiatry and therapy provider Mindpath Health, Springfield Hospital in Vermont, and Lone...

Ransomware attacks have been announced by Glendale Obstetrics & Gynecology in Arizona and Lymphedema Therapy Specialists in Texas, and City...

A district court judge in Montana has ruled that the State Auditor and Insurance Commissioner’s investigation of Blue Cross Blue...

Two providers of senior services have recently disclosed data security incidents. Windward Life Care in California and Legend Senior Care...

Cookeville Regional Medical Center in Cookeville, Tennessee, has recently confirmed that a 2025 ransomware attack exposed the personal and protected...

Brockton Hospital in Massachusetts is continuing to grapple with a cybersecurity incident that took many of its electronic systems offline...

The medical technology giant Stryker has provided an update on the impact of its March 11, 2026, cyberattack, confirming that...

Rocky Mountain Associated Physicians has reported a data breach affecting more than 50,000 patients. Data breaches have also been announced...

CardioFit Medical Group has discovered emails containing protected health information were inadvertently sent without encryption. Interventional Pain Center in Tennessee...

In May 2025, the Ohio health system Kettering Adventist Healthcare (Kettering Health) experienced a ransomware attack. The attack was detected...

Data breaches have recently been announced by DermCare Management in Florida, Option Care Health in New York, and Aetna in...

In February 2026, 63 data breaches were reported to the Department of Health and Human Services (HHS) Office for Civil...

Neinstein Plastic Surgery in New York and Atlantic Brain and Spine in North Carolina have announced security incidents that exposed...

The New Jersey long-term care pharmacy Innovative Pharmacy Packaging Corp (IPPC Inc), and the affiliated entities IPPC of New York...

Patient data has potentially been compromised in data incidents at Southern Illinois Dermatology and Heart South Cardiovascular Group in Alabama....

Legal counsel for Woodfords Family Services has provided an updated breach notice to the Maine Attorney General, confirming that more...

Data incidents have recently been announced by ProxyCare in Florida, Oscar Health in New York, and AccentCare in Texas. ProxyCare,...

The direct-to-consumer telehealth company Him & Hers has experienced a data breach. In early February, an unauthorized third party gained...

Nacogdoches Memorial Hospital (NMH), a 226-bed hospital in Nacogdoches, Texas, has recently announced a data security incident that was first...

TriMed, a Santa Clarita, California-based manufacturer of upper and lower orthopedic implants, has announced a data security incident involving unauthorized...

Rocky Mountain Care in Utah has announced a January 2026 data breach, and Corewell Health in Michigan has confirmed that...

The Somerset, New Jersey-based healthcare software company CareCloud has notified the U.S. Securities and Exchange Commission (SEC) about a security...

Data breaches have been announced by Coastal Carolina Health Care in North Carolina, New Horizons Behavioral Health in Georgia, CWA...

Data breaches have recently been reported by Vantage Plastic Surgery in New York City and Austin Plastic and Reconstructive Surgery...

Evansville, Indiana-based Deaconess Health System has announced a data breach involving information shared with a third-party vendor, the MRO Corp-owned...

The sensitive data of more than 23,000 Florida Medicare members has been impermissibly shared with overseas companies, putting Medicare members’...

The National Association on Drug Abuse Problems has experienced a data breach affecting up to 90,000 individuals. An insider data...

Over a three-week period between December 2025 and January 2026, hackers had access to the network of a Washington-based employee...

Trinity Health and the University of Pittsburgh Medical Center are notifying patients about potential unauthorized access to patient data by...

A telehealth company has admitted to improperly accessing patients’ medical records. GuardDog Telehealth purported to require access to patients’ medical...

Data breaches have recently been announced by Delta Medical Systems in Wisconsin, Ansell Healthcare Products in New Jersey, and FuturHealth...

Data breaches have recently been reported by Cedar Valley Services and Health Dimensions Group in Minnesota, and Community Nurse in...

The Chicago, IL-based Catholic health system CommonSpirit Health has announced that it has been affected by a security incident at...

Meadowlark Hills retirement community in Kansas and MedPeds Associates of Sarasota in Florida have announced data breaches. The Beast ransomware...

Data breaches have been reported by two entities in California – Tieu Dental Corporation has announced a July 2025 hacking-related...

Orthopaedic Institute of Western Kentucky has notified patients that their PHI was compromised in two security incidents at their managed...

The Seattle, Washington-based surgical group, Proliance Surgeons, has agreed to a settlement to resolve class action litigation over a February...

ID Care in New Jersey and Barrio Comprehensive Family Health Care Center (CommuniCare) in Texas have confirmed that patients’ personal...

Centerwell, a provider of senior healthcare services in 30 U.S. states, has experienced a cyberattack and data breach. Lakeside Pediatric...

Bell Ambulance has confirmed that the protected health information of more than 230,000 patients was compromised in a February 2025...

Jackson Hospital and Clinic in Montgomery, Alabama, has notified 14,485 individuals about a July 2024 data breach at one of...

PIH Health, a healthcare provider serving patients in Orange County and the San Gabriel Valley in California, has started notifying...

Data breaches have recently been announced by two California medical groups – Valley Radiology Consultants Medical Group, which serves San...

Data breaches have been announced by Insight Hospital and Medical Center in Chicago and Community Health Action of Staten Island....

In late February, The HIPAA Journal reported on a QualDerm Partners data breach, the scale of which was currently unknown,...

The University of Hawai’i Cancer Center (UHCC) has confirmed that up to 1.15 million individuals may have been affected by...

It has been more than four months since TriZetto Provider Solutions discovered unauthorized access to its IT environment, and it...

The HHS’ Office for Civil Rights (OCR) healthcare data breach portal shows a slight month-over-month decline in large healthcare data...

Data breaches have been announced by Apex Spine & Neurosurgery in Georgia and North Central Behavioral Health Systems in Illinois....

Cyberattacks and data breaches have been announced by the healthcare providers Carolina Foot & Ankle Associates, New Age Dermatology, and...

The Center for Advanced Eye Care in Pennsylvania/Delaware, Southwest C.A.R.E Center in New Mexico, and Evergreen Healthcare Group in Washington...

The U.S. medical device manufacturer UFP Technologies has submitted a FORM 8-K filing to the U.S Securities and Exchange Commission (SEC)...

Data breaches have recently been announced by Cedar Point Health in Colorado, Wee Care Pediatrics in Utah, and Easterseals Northeast...

Greater Pittsburgh Orthopedic Associates has experienced a ransomware attack that has affected almost 57,000 individuals. Data breaches have also been...

Vikor Scientific (now rebranded as Vanta Diagnostics), a molecular diagnostics company based in Charleston, South Carolina, has been affected by...

University of Mississippi Medical Center (UMMC) has temporarily closed most of its clinics following a ransomware attack, and scheduled appointments...

Granite Wellness Centers in California and Pediatric Home Service in Minnesota have both settled lawsuits stemming from cyberattacks that exposed...

WIRX Pharmacy in Pennsylvania has experienced a security incident that exposed the protected health information of more than 20,000 current...

Issaqueena Pediatric Dentistry in South Carolina, Enhabit Home Health & Hospice in Texas, and AltaMed Health Services in California have...

A class action lawsuit against Norton Healthcare over a 2023 ransomware attack has been settled for $11 million. The settlement...

Academic Urology & Urogynecology of Arizona, a division of Palo Verde Hematology and Oncology that serves patients throughout Arizona, has...

Managed Care Advisors and Sedgwick Government Solutions recently announced a cybersecurity incident involving unauthorized access to a corporate Secure File...

More than 700 healthcare data breaches affecting 500 or more individuals are being reported to the Department of Health and...

Data breaches have been confirmed by the revenue cycle management company MedRevenu Inland Physicians Hospitalist Services, and the Missouri-based eye...

We previously reported that the Aflac data breach had affected 22.65 million individuals worldwide; however, it was unclear exactly how...

The extent of a May 2025 ransomware attack on the Georgia-based physician- and clinician-owned staffing and management group ApolloMD has...

The Counseling Center of Wayne and Holmes Counties has experienced a cyberattack affecting 83,350 individuals. Data breaches have also been...

Data breaches have been announced by the Connecticut diagnostic laboratory Precipio, Pit River Health Service in California, and Tulane University...

Jefferson-Blount-St. Clair Mental Health Authority in Alabama, Cottage Hospital in New Hampshire, WindRose Health Network in Indiana, and Iroquois Memorial...

Central States Dermatology Services (DOCS Dermatology Group) in Ohio and The Center for Neuropsychology and Learning in Michigan have identified...

Cyberattacks and data breaches have recently been announced by the healthcare technology company Insightin Health and the Colorado-based medical billing...

Data breaches have recently been announced by Central Ozarks Medical Center in Missouri, AdventHealth Daytona Beach in Florida, and the...

Alpine Ear, Nose, and Throat in Colorado, The Phia Group in Massachusetts, and Community Health Northwest Florida have started notifying...

Bayada Home Health Care, a New Jersey-based home healthcare provider serving 22 U.S. states, has recently announced a data breach...

In the final month of 2025, a further 41 healthcare data breaches affecting 500 or more individuals were reported to...

Healthcare Interactive, better known as HCIactive, reported a data breach to the HHS’ Office for Civil Rights on September 22,...

Protected health information has been exposed in data security incidents at Mitchell County Department of Social Services in North Carolina,...

MACT Health Board has confirmed that patient data was stolen in a November 2025 cyberattack, for which the INC Ransom...

Munson Healthcare, the largest health system in Northern Michigan, has recently notified patients about unauthorized access to its electronic medical...

The Department of Health and Human Services’ Office for Civil Rights is the main enforcer of HIPAA compliance; however, state...

Patients of Laurel Health Centers have been notified that their protected health information was exposed in a July 2025 security...

Columbia Medical Practice has experienced a ransomware attack in which patient data was stolen, and Jupiter Medical Center has notified...

Based on breach reports submitted to the U.S. Department of Health and Human Services (HHS), November saw relatively low numbers...

Data breaches have recently been announced by Central Maine Healthcare, Dermatology Associates in Kentucky, and Reproductive Medicine Associates of Michigan....

The Minnesota Department of Human Services (DHS) has notified almost 304,000 individuals about unauthorized access to their demographic records. The...

Valley Eye Associates has fallen victim to a ransomware attack in which sensitive patient data was exfiltrated from its network....

Monroe University, a for-profit university with campuses in the Bronx and La Rochelle in New York, and Saint Lucia in...

Mid Michigan Medical Billing Service, a Flint, MI-based revenue cycle management company that provides billing support services to HIPAA-covered entities,...

Data breaches have recently been announced by Vida Y Salud-Health Systems in Crystal City, Texas, and Dublin Medical Center in...

There are ways you can report a HIPAA violation anonymously but, due to the risk your anonymous report may be...

CareOregon and Health Share of Oregon have notified certain patients about a data breach and potential insurance fraud. Andover Eye...

Data breaches have recently been reported by Pearlman Aesthetic Surgery and Associated Radiologists of the Finger Lakes in New York...

A delayed October 2025 healthcare data breach report due to the government shutdown for the whole of the month, which...

A business associate data breach has affected 55,000 members of the Bosch Choice Welfare Benefit Plan, and a data breach...

Denton County MHMR Center, a community behavioral health clinic in Denton, Texas, recently reported a major data breach to the...

How you should respond to an accidental HIPAA violation depends on the nature of the accidental violation and the potential...

The Illinois Department of Human Services (IDHS) has announced a major data breach affecting hundreds of thousands of state residents,...

Covenant Health has provided an update on the number of individuals affected by its May 2025 ransomware attack, confirming that...

It has been another bad year for healthcare data breaches, although the breach report data currently show a considerable improvement...

HIPAA violations occur when covered entities, business associates, or members of either’s workforces fail to comply with a standard of...

The penalties for HIPAA violations include civil monetary penalties ranging from $145 to $2,190,294 per violation, depending on the level...

Singing River Health System, the largest health system on the Mississippi Gulf Coast, has announced that action has been taken...

AllerVie Health, a Frisco, TX-based provider of allergy and immunology services, has announced a security incident that exposed personally identifiable...

Tennessee-based Artemis Healthcare has experienced a ransomware attack involving data theft, and email account breaches have been announced by Greater...

The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed; however, the data...

Personal and protected health information has been compromised in security incidents affecting NCH Corporation Employee Benefits Plan members, and patients...

Fyzical Acquisition Holdings LLC, the parent company of Fyzical Therapy & Balance Centers, has announced a security incident involving unauthorized...

Orthopedics NY LLP (aka OrthoNY; OrthopedicsNY), a New York orthopedic medicine practice, has been fined $500,000 by the New York...

TapestryHealth, a Connecticut-based provider of technology solutions for post-acute and assisted living facilities, has identified unauthorized access to patient data....

Madison, WI-based ARC Community Services, a provider of behavioral health, substance use disorder treatment, and support services to women and...

Data breaches have been announced by Wilbarger General Hospital, a rural and community hospital in Vernon, Texas, and Ochsner LSU...

Excellent Home Care Services in New York has identified unauthorized access to an employee’s email account. Sports Medicine & Orthopaedics...

A former employee of Evoke Wellness at Hilliard has stolen and misused patient data, Conifer Value-Based Care has experienced an...

Officials in Albemarle County, Virginia, have confirmed that sensitive data, including protected health information (PHI), was compromised in a June...

Richmond Behavioral Health Authority (RBHA), the public entity responsible for providing mental health, substance abuse, and prevention services in the...

NS Support LLC, a Boise, Idaho-based healthcare provider specializing in neurosurgical treatment for conditions such as brain tumors, reported a...

Data breaches have recently been announced by the California radiology specialists, Expert MRI, and the small business technology consultancy firm,...

Data breaches have been announced by the Pennsylvania law firm Victory Disability and the Minnesota healthcare provider Madison Healthcare Services....

Revere Health in Utah and Health Management Systems of America in Michigan have recently confirmed that they have experienced cyberattacks...

MedStar Health, a non-profit health system that operates 10 hospitals in the Baltimore-Washington metropolitan area, has recently disclosed a cyberattack...

Brevard Skin and Cancer Center, a dermatology practice in Brevard, Florida, has fallen victim to a cyberattack that was first...

An insider data breach has been reported by Henry Ford Health in Michigan, and Wilmington Community Clinic has notified patients...

Data breaches have recently been announced by the North Atlantic States Carpenters Health Benefits Fund in Massachusetts and Millcreek Pediatrics...

Data breaches have been announced by the medical malpractice law firm Davies, McFarland & Carroll, the sex therapy and couples...

Data breaches have been announced by Morton Drug Company in Wisconsin, Physicians to Children & Adolescents in Kentucky, and the...

The West Lafayette, Indiana-based pharmaceutical research company Inotiv has recently disclosed a ransomware attack and data breach that involved the...

On November 19, 2025, Wyandot Center, a nonprofit community behavioral health center in Kansas City, KS, disclosed a cybersecurity incident...

Two sleep specialists, Persante Health Care in New Jersey and SomnoSleep Consultants in Virginia, have recently disclosed security incidents that...

Liberty Resources, a Syracuse, NY-based human services agency, has announced a security incident that was first identified 16 months ago,...

The Oakland, CA-based healthcare giant Kaiser Permanente has agreed to pay up to $47.5 million to settle class action litigation...

Data breaches have been announced by Fieldtex Products in New York State and the Utah ear, nose & throat specialists,...

Data breaches have recently been announced by Ennoble Care & Circa Health in New Jersey and Dermatology Associates of Concord...

The senior living company Heritage Communities and the Dallas mental health care company Metrocare Services have announced security incidents that...

North Kansas City Hospital has notified patients about a January 2025 data breach at its EHR vendor Cerner. Data breaches...

Data breaches have recently been announced by the OB/GYN practice Rockhill Women’s Care and Harbor Regional Center, a California provider...

VITAS Hospice Services, LLC, the largest for-profit hospice chain in the United States, has notified the California and Texas attorneys...

Delta Dental of Virginia has notified almost 146,000 members about a security incident that may have exposed their protected health...

The Danville, Pennsylvania-based healthcare provider Geisinger Health and its former IT vendor Nuance Communications, Inc., have agreed to a $5...

Personic Management Company (Personic Health) and Innovative Physical Therapy have recently confirmed that patient information was compromised in vendor security...

Data breaches have recently been announced by St. Anthony Hospital in Chicago, Intercommunity Action in Pennsylvania, and Munson Healthcare in...

A lawsuit filed by Nebraska Attorney General Mike Hilgers over the 2024 Change Healthcare data breach has been allowed to...

Data breaches have recently been announced by the EHR vendor CareTracker (Amazing Charts) and the Wisconsin health system, Marshfield Clinic....

Dallas, TX-based Doctor Alliance, a HIPAA business associate that provides document management and billing services to HIPAA-covered entities, is investigating...

DealMed Medical Supplies has confirmed that sensitive data was stolen in a July ransomware attack, the Wisconsin Department of Corrections...

Wakefield & Associates, a Knoxville, Tennessee-based vendor that offers revenue cycle & collections services to healthcare providers, has recently announced...

Data breaches have recently been announced by Tri Century Eye Care in Pennsylvania, Pittsburgh Gastroenterology Associates, NAHGA Claims Services, and...

Central Jersey Medical Center in New Jersey has experienced a ransomware attack. David A. Nover, M.D, is notifying patients about...

A Tampa, FL-based network of mental health and addiction recovery treatment facilities has recently disclosed a security incident that involved...

OB-GYN Associates in Nevada and Beverly Hills Oncology Medical Group in California have recently started notifying patients affected by hacking...

Data security incidents have recently been announced by George E. Weems Memorial Hospital in Florida, Vibra Hospital of Sacramento in...

Ransomware attacks have recently been announced by the Illinois retirement village and skilled nursing provider Sedgebrook, and the Nebraska healthcare...

Data breaches have been announced by the EHR provider Modernizing Medicine (ModMed), the Baltimore healthcare provider LifeBridge Health, and the...

An $18 million settlement proposed by Yale New Haven Health to resolve claims stemming from a 2025 data breach has been...

Four employees of Baptist Health’s Jay Hospital in Florida have been terminated for allegedly taking unauthorized photographs of patients and...

Approximately 462,000 current and former customers of Blue Cross Blue Shield of Montana (BCBSMT) have been affected by a cyberattack...

As of December 18, 2025, OCR has added 41 data breaches affecting 500 or more individuals to its data breach...

Cyberattacks have recently been announced by River City Eye in Oregon and Elmcrest Children’s Center in New York. River City...

City of Hope, a Duarte, California-based non-profit clinical research and cancer treatment center, has agreed to settle a class action...

A cyberattack has caused a network outage that has disrupted operations at two hospitals in North Central Massachusetts – the...

Data breaches have recently been announced by Watsonville Community Hospital and Palomar Health Medical Group in California, and the Phia...

Cyberattacks and data breaches have been announced by Crenshaw Community Hospital in Alabama, Waveny LifeCare in Connecticut, Aunt Martha’s Health...

Data breaches have recently been announced by Methodist Homes of Alabama & Northwest Florida, Rockhill Women’s Care, and Sierra Vista...

A data breach at the Fort Wayne Medical Education Program has affected almost 30,000 individuals. Data breaches have also been...

Integris Health has agreed to pay $30 million to settle class action data breach litigation. The settlement resolves claims stemming...

ALN Medical Management, a Nebraska-based revenue cycle management company, has agreed to pay $4 million to settle class action litigation...

On October 10, 2025, SimonMed Imaging started mailing notification letters to the individuals affected by its January 2025 cyberattack. SimonMed...

An Iowa nurse has been terminated for a HIPAA violation and has lost her unemployment benefits after disclosing the pregnancy...

Data breaches have been announced by Doctors Imaging Group in Florida, Rectangle Health in New York, and Care N’ Care...

Harris Health in Texas has recently started notifying 5,357 patients that their electronic health records may have been impermissibly accessed...

Superior Vision Service has announced that protected health information has been compromised in a phishing attack. People Encouraging People has...

Treasure Coast Hospice, a palliative care provider in Florida, and Harbor, a mental health and addiction treatment service provider in...

Outcomes One, a Florida-based business associate of health plans, has disclosed a phishing incident that has affected almost 150,000 individuals....

Gaylord Specialty Healthcare is notifying patients affected by a December hacking incident, and Gainwell Technologies has reported a breach involving...

Data breaches have been announced by the City of St. Joseph Health Department in Missouri and Viva Health in Alabama....

On September 22, 2025, Veradigm, a Chicago, Illinois-based provider of practice management and electronic health record solutions to healthcare providers...

Cybersecurity researcher Jeremiah Fowler has found an exposed 23.7 GB database containing more than 145,000 files, such as PDFs, PNGs,...

Data breaches have recently been announced by Coos County Family Health Services in New Hampshire, Roush Fenway Keselowski Racing in...

OneBlood, a non-profit organization that provides blood to approximately 350 hospitals in the southeastern United States, has agreed to pay...

Albany Gastroenterology Consultants and Inlet Care (Communicare) are notifying patients affected by cyberattacks in November 2024 that involved unauthorized access...

Sturgis Hospital, a rural critical access hospital in Michigan, has recently reported two security incidents to the HHS’ Office for...

There has been a 13.7% month-over-month increase in large healthcare data breaches, with 58 breaches affecting 500 or more individuals...

Two New Jersey medical groups have notified patients that their data may have been compromised in a recent security incident....

Goshen Medical Center, a federally qualified healthcare organization serving patients in eastern North Carolina, is notifying 456,385 individuals about a...

Central Valley Regional Center, a Fresno, California-based state-funded provider of services to individuals with developmental disabilities, has notified patients about...

Cybercriminals have gained access to employee email accounts at Community Health Network in Indiana and Mid South Rehab Services in...

Retina Group of Florida is the latest eye care provider to report a breach of patient data. The protected health...

Data breaches have been reported by Radiology Associates of San Luis Obispo, North Oaks Health System, The Children’s Center of...

Teamsters Union 25 Health Services & Insurance Plan, a health and wellness benefits plan for members of Teamsters Union Local...

The medical education provider US HealthConnect and the California billing services vendor Altos Inc have recently announced cyberattacks and data...

Data breaches have recently been announced by Northwest Medical Specialties in Washington, Medical Associates of Brevard in Florida, and Twin...

Wayne Memorial Hospital patients have recently been notified that some of their protected health information was stolen by a ransomware...

Officials in Somerset County, Pennsylvania, have confirmed an email hacking incident affecting Children and Youth Services patients. Beech Acres Parenting...

Hacking-related data breaches have been reported by Meridian Valley Laboratories in Washington, and College Parkside Pharmacy and College Hometown Pharmacy...

Pediatric Otolaryngology Head & Neck Surgery Associates has reported a data breach affecting almost 44,000 patients. Anchorage Neighborhood Health Clinic...

New York Blood Center Enterprises, the operator of 19 blood donor centers in New York and New Jersey, has notified...

A cyberattack on a business associate has resulted in unauthorized access to the protected health information of patients of Keys...

Two providers of disability services have announced security incidents. The cyberattacks on Reimagine Network in California and the Center for...

Senate Finance Committee Ranking Member Ron Wyden (D-OR) and Senate Banking Committee Ranking Member Elizabeth Warren (D-MA) have demanded answers...

Absolute Dental, a Nevada dental practice with over 50 locations in Las Vegas, Carson City, Reno, Sparks, and Minden, has...

On Friday last week, University of Iowa Health Care and its affiliated UI Community HomeCare, a home infusion and medical...

Family Counseling Services of the Finger Lakes in New York and the Cancer Care Center of North Florida have confirmed...

Data breaches have recently been announced by Black Hills Regional Eye Institute in South Dakota and the Children’s Center of...

Vital Imaging Medical Diagnostic Centers in Florida has disclosed a February 2025 hacking incident involving unauthorized access and potential acquisition...

Data breaches have recently been confirmed by Legacy Treatment Services/Community Treatment Solutions in New Jersey, Washington Gastroenterology, Woodlawn Hospital in...

Healthcare Services Group, Inc. (HSG), a Bensalem, PA-based provider of environmental, dining, and nutritional support services to healthcare facilities, has...

Aspire Rural Health in Michigan is notifying almost 140,000 patients about unauthorized access to its network and the theft of...

U.S. healthcare data breaches are down 34.1% month-over-month, and 44.5% fewer individuals had their healthcare data exposed. HIPAA-regulated entities reported...

DaVita, a Denver, CO-based kidney dialysis service provider, has submitted a breach report to the HHS’ Office for Civil Rights...

Data breaches have recently been announced by Mower County in Minnesota, Seasons Living in Oregon, Dr. Doug’s Pediatric Dentistry in...

Fundamental Administrative Services, LLC, a healthcare management services company in Sparks, Maryland, that manages more than 85 skilled nursing facilities...

Data breaches have been announced by medical equipment provider CPAP Medical Supplies and Services, a Miracle Ear franchisee, and a...

The electronic medical record vendor MDLand International Corporation has fallen victim to a ransomware attack that resulted in the encryption...

Three insider incidents have recently been identified by healthcare providers in Florida, Massachusetts, and Indiana, including one privacy breach that...

Data breaches have been announced by CEI Vision Partners, MedicareCompareUSA, Academic Urology & Urogynecology of Arizona, and the Friesen Group....

Data breaches have recently been reported by Integrated Orthopedics of Arizona, Glen Falls Hospital in New York, and South Coast...

A cyberattack has been announced by the North Carolina accountancy firm Langdon & Company, and Michigan Medicine has experienced a...

Data breaches have been announced by Doctors’ Memorial Hospital in Florida, Sabine County Hospital in Texas, Compass Counseling Services in...

Data breaches have been announced by the Washington dental practice 32 Pearls, West Texas Oral Facial Surgery, and the Indiana...

Cencora, The Lash Group, and their affiliates have agreed to pay $40 million to settle class action data breach litigation...

Two U.S. senators have written to UnitedHealth Group (UHG) CEO Stephen J. Hemsley demanding answers about cybersecurity and the response...

Alera Group has notified more than 155,000 individuals about a July 2024 hacking incident. Data breaches have also been announced...

A drug and alcohol addiction center and an OB/GYN Medical Center in Texas have notified patients about unauthorized access to...

PhyNet Dermatology, a business associate of Premier Dermatology Partners, has identified unauthorized access to an email account containing patient information....

Genoa Medical Facilities, which operates a 19-bed critical access hospital in Nebraska, has discovered unauthorized access to its email environment....

A January data breach at Northwest Radiologists and Mount Baker Imaging has affected more than 348,000 patients. Data breaches have...

Highlands Oncology Group, a comprehensive cancer care provider with six locations in Northwest Arkansas, has recently disclosed a cyberattack that...

Hacking-related data breaches have been announced by Mid Florida Primary Care, Northwest Denture Center in Washington, Forward, The National Databank...

Several dermatology practices have recently announced data breaches following an attack on their management company. The number of attacks reported...

Two mental healthcare providers have recently announced cybersecurity incidents that exposed patient data: Eleos Wellness in Florida and Clinica Family...

Think Big Health Care Solutions, a Florida-based practice management company, and Minnesota Epilepsy Group have recently confirmed cyberattacks and data...

Data incidents have recently been announced by Wood River Health in Rhode Island, Jack L Marcus in Wisconsin, and Avala...

Ransomware groups have attacked three healthcare providers: Gastroenterology Consultants of South Texas, Infinite Services in New York, and High Point...

McKenzie Memorial Hospital in Michigan has reported a hacking incident affecting almost 59,000 patients. Arbor Associates in Massachusetts has reported...

While compiling data for last month’s data breach report, the HIPAA Journal identified a data breach that had previously been...

Department of Health and Human Services (HHS) Office for Civil Rights (OCR) Director, Paula M. Stannard, has announced OCR’s 18th...

Naper Grove Vision Care in Naperville, Illinois, has recently announced a cybersecurity incident that was detected on May 24, 2025....

A law firm that provides legal counsel and assistance to Durham County Hospital Corporation in North Carolina has experienced a...

Complete Care Rehab, a small physical therapy practice in East Pointe, Michigan, has been targeted by cybercriminals who gained access...

Premier Health Partners, a Dayton, OH-based network of three hospitals and two major medical centers, has recently issued a press...

Western Montana Mental Health Center has notified almost 87,000 individuals about a September 2024 cyberattack, and Olde Towne Medical and...

Cierant Corporation, a Danbury, CT-based distributed marketing software and services company, has recently disclosed a data incident that has affected...

A small medical practice in Alpharetta, Georgia, has been forced to close its doors due to a ransomware attack. Alpha...

There has been a 16.67% month-over-month increase in healthcare data breaches, and a 302.71% month-over-month increase in the number of...

At the start of the month, The HIPAA Journal reported on a cybersecurity incident at Radiology Associates of Richmond, a...

A ransomware group called Stormous claims to have stolen the personal and health information of 600,000 patients from North Country...

Multiple Life Care Services senior living facilities have been affected by a data security incident. Suspicious email account activity was...

Rural Health Services and HopeHealth in South Carolina have announced data breaches, and Artivion has started issuing notification letters to...

Anne Arundel Dermatology and Mountain Laurel Dermatology have started issuing individual notifications about recent security incidents that potentially involved the...

Ransomware groups have conducted several attacks on medical laboratories in recent months. These attacks can cause significant disruption to testing...

Email-related HIPAA breaches have been announced by Iron County Medical Center in Missouri, Regional Center of the East Bay in...

Ocuco Inc. has published a substitute breach notice providing further information on its March 2025 cyberattack and data breach. Ocuco...

Data breaches have been announced by Gardner Orthopedics in Florida, Blue Cross and Blue Shield of Massachusetts, Health Care and...

A phishing attack has affected multiple cancer care providers that are part of the Integrated Oncology Network (ION). All affected...

Horizon Healthcare RCM, a Crown Point, IN-based revenue cycle management firm, has recently disclosed a ransomware attack and data breach....

Compumedics USA Inc., a vendor that provides diagnostic and research technologies for sleep disorders for use in sleep study clinics,...

Data breaches have been disclosed by a Minnesota medical device manufacturer and the threat actor behind an apparent attack on...

A federal bankruptcy court has approved the sale of direct-to-consumer genetic testing company 23andMe to TTAM Research Institute. TTAM was...

Data breaches have recently been announced by Texas Centers for Infectious Disease Associates, Shelby County Chris A. Myrtue Memorial Hospital,...

Kelly Benefits has confirmed that a further 140,628 individuals have been affected by its December 2024 cyberattack than previously reported....

Approximately 103,000 Medicare beneficiaries are being notified that some of their personal information may have been exposed in a data...

Esse Health has confirmed that 263,601 individuals have been affected by its April 2025 cyberattack. Data breaches have also been...

Data breaches have been confirmed by Mainline Health Systems, Tallahassee Memorial Healthcare, Rural Health Services, Marquette County Medical Care Facility,...

In May, 60 data breaches affecting 500 or more individuals were reported to the HHS’ Office for Civil Rights (OCR),...

Data breaches have been announced by Decisely Insurance Services, Apex Global Solutions, Upper Dublin Family Dentistry, and Arkansas Urology Associates....

Data breaches have recently been announced by Albany College of Pharmacy and Health Sciences, Central Kentucky Radiology, TRG Medical Imaging,...

McLaren Health Care in Michigan has started notifying 743,131 individuals that some of their protected health information was compromised in...

Pennsylvania-based Erie Indemnity Corp., which does business as Erie Insurance, is investigating a network intrusion. Erie Insurance is a Fortune...

A ransomware attack on Sensata Technologies involved the theft of health and wellness plan data. A former Evoke Wellness employee...

Episource LLC, a UnitedHealth (Optum) subsidiary that provides medical coding, risk adjustment services, and software solutions for healthcare providers and...

A settlement has been agreed to resolve class action data breach litigation against HealthEC and its clients over a 2023...

Data breaches have been announced by Shelby Dermatology in Alabama and the Northwestern Community Services Board in Virginia. The protected...

Cyberattacks and data breaches have been announced by the Renkim Corporation and The Vascular Experts. The Inc Ransom ransomware group...

The Illinois Department of Healthcare and Family Services has experienced a phishing attack, Select Medical Holdings Corporation has confirmed it...

Jackson Health System has recently announced an insider data breach that involved the theft of the protected health information of...

A Pennsylvania non-profit provider of drug and alcohol addiction services is facing multiple class action lawsuits over an October 2024...

Cumberland County Hospital in Kentucky has reported a data breach involving the protected health information of More than 36,000 individuals....

A huge database containing approximately 2.7 million patient profiles and 8.8 million appointment records has been exposed online. The database...

A former employee of the Northwell Health Sleep Disorders Center alleged to have installed a hidden camera in bathrooms at...

Data breaches have recently been announced by Gateway Community Services, the Mental Health Association in Massachusetts, Horizon Blue Cross Blue...

Next Step Healthcare in Massachusetts and HopeWay Foundation in North Carolina have announced data breaches, and ransomware groups have claimed...

Central Maine Healthcare has shut down its information technology applications, hardware, network servers, and phone systems, and is investigating a...

Data breaches have recently been announced by U.S. Dermatology Partners in Texas, the Smith Institute for Urology in New York,...

Data breaches have recently been announced by Bradford Health Services in Alabama, Doctors Hospital at Renaissance in Texas, and Molecular...

Masimo has confirmed that it has made good progress recovering from the cyberattack it disclosed earlier this month. In its...

The list of victims from the data breach at the debt collection agency Nationwide Recovery Service (NRS) is steadily growing,...

Data breaches have been reported by the Cooper Health System in New Jersey, Union County Children and Youth Services in...

Data breaches have recently been announced by Community Counseling of Bristol County in Massachusetts, Community Hospital of Anaconda in Montana,...

An anatomic pathology laboratory and healthcare provider in North Carolina have experienced cyberattacks involving the theft of patient data. Marlboro-Chesterfield...

April saw a 17.9% month-over-month increase in healthcare data breaches, with 66 data breaches of 500 or more records reported...

Harbin Clinic has been affected by a cyberattack on the debt collection agency Nationwide Recovery Service, Gardner Health Services has...

The Anne Arundel County Department of Health in Maryland has confirmed that health data was compromised in a February ransomware...

Serviceaide, Inc., a Santa Clara, California-based business associate that offers agentic AI-powered agents for IT and workflow management, has announced...

Data breaches have been announced by Tri-City Cardiology Consultants in Arizona, Northeast Georgia Health System, Family Christian Health Center in...

CardioVascular Health Clinic in Oklahoma is investigating a recent cyberattack and data breach, and Hunter Health Clinic in Kansas has...

Cyberattacks and data breaches have recently been announced by Weiser Memorial Hospital in Idaho and Minnesota Orthodontics and Dentofacial Orthopedics....

Union Health System, a Terre Haute, Indiana-based integrated health system that operates two hospitals and a medical group, has been...

The Texas Health and Human Services Commission (HHSC) has been affected by an insider breach at one of its business...