Healthcare Data Breaches — HIPAA & Patient Record Disclosures

Healthcare Data Breaches (727 indexed)

critical · healthcare · Jul 1, 2025

Piedmont Healthcare

1.3M patient records exposed in third-party vendor breach

View incident → Original disclosure Indexed 9 months, 1 week ago

high · healthcare · Jun 5, 2025

Children's Hospital of Philadelphia

185K pediatric patient records exposed via phishing — developmental assessment data included

View incident → Original disclosure Indexed 10 months, 1 week ago

critical · healthcare · Jun 2, 2025

Trinity Health (Michigan)

2.1M patient records exposed via compromised remote monitoring vendor — 97 hospitals affected

View incident → Original disclosure Indexed 10 months, 1 week ago

critical · healthcare · Jun 1, 2025

Aflac Incorporated

13M health insurance records compromised — largest healthcare breach of 2025

View incident → Original disclosure Indexed 10 months, 1 week ago

medium · healthcare · Jun 1, 2025

Smith & Nephew

210K surgical records compromised

View incident → Original disclosure Indexed 10 months, 1 week ago

high · healthcare · Jun 1, 2025

Fortis Healthcare (India)

670K patient records compromised

View incident → Original disclosure Indexed 10 months, 1 week ago

high · healthcare · May 27, 2025

NHS Dumfries and Galloway

Patient data published by INC Ransom group after Scottish health board refused to pay

View incident → Original disclosure Indexed 10 months, 2 weeks ago

high · healthcare · May 15, 2025

Scripps Health (San Diego)

530K patient records re-exposed via legacy system — previously thought contained from 2021

View incident → Original disclosure Indexed 10 months, 4 weeks ago

high · healthcare · May 12, 2025

Blue Cross Blue Shield of Massachusetts

490K member records exposed via compromised third-party billing vendor

View incident → Original disclosure Indexed 11 months ago

high · healthcare · May 10, 2025

ChristianaCare (Delaware)

215K patient records exposed via compromised employee credentials — pharmacy data included

View incident → Original disclosure Indexed 11 months ago

critical · healthcare · May 6, 2025

Anthem Inc. (Elevance Health)

3.2M member records exposed via compromised claims processing vendor

View incident → Original disclosure Indexed 11 months ago

high · healthcare · May 3, 2025

Hartford HealthCare (Connecticut)

298K patient records — credentials stolen via brute-force attack on VPN gateway

View incident → Original disclosure Indexed 11 months, 1 week ago

high · healthcare · May 1, 2025

Winnipeg Regional Health Authority

340K patient records compromised

View incident → Original disclosure Indexed 11 months, 1 week ago

high · healthcare · May 1, 2025

Alabama Ophthalmology Associates

130K patient records including medical images and insurance details exposed

View incident → Original disclosure Indexed 11 months, 1 week ago

high · healthcare · May 1, 2025

Vancouver Coastal Health

Ransomware disrupted health authority systems — patient care coordination affected

View incident → Original disclosure Indexed 11 months, 1 week ago

high · healthcare · Apr 12, 2025

Mount Sinai Health System (NYC)

320K patient records exposed via third-party billing vendor ransomware attack

View incident → Original disclosure Indexed 1 year ago

high · healthcare · Apr 10, 2025

Valley Oaks Health (Indiana)

Behavioral health provider breach exposed 750K patient mental health records

View incident → Original disclosure Indexed 1 year ago

critical · healthcare · Apr 9, 2025

Blue Shield of California

4.7M member records shared with Google Analytics via misconfigured web tracking

View incident → Original disclosure Indexed 1 year ago

high · healthcare · Apr 5, 2025

Hospital Clinic Barcelona

340K patient records compromised in RansomHouse attack

View incident → Original disclosure Indexed 1 year ago

high · healthcare · Apr 5, 2025

HSE Ireland (Health Service Executive)

890K patient records compromised in new attack

View incident → Original disclosure Indexed 1 year ago

high · healthcare · Apr 1, 2025

King Faisal Specialist Hospital (Saudi)

340K patient records stolen

View incident → Original disclosure Indexed 1 year ago

critical · healthcare · Apr 1, 2025

AstraZeneca

1.1M patient trial records compromised in vendor breach

View incident → Original disclosure Indexed 1 year ago

high · healthcare · Apr 1, 2025

Northeast Orthopedics & Sports Medicine

Ransomware attack encrypted patient records and disrupted clinical operations

View incident → Original disclosure Indexed 1 year ago

high · healthcare · Mar 22, 2025

MultiCare Health System

870K patient records exposed in Washington state health system cyberattack

View incident → Original disclosure Indexed 1 year ago