Live disclosure tracker · updated continuously

Healthcare Data Breaches

Hospitals, clinics, insurers, and medical-IT vendors are the highest-value targets in cybercrime. Below is every healthcare-sector breach LeakTrace has indexed — patient records, HIPAA disclosures, ransomware victims, and supply-chain compromises.

98B+

Records Exposed

801

Incidents

94+

Countries

+104%

Breach Velocity YoY

View Live Map → Run Free Exposure Scan RSS

Browse by sector

All breaches Healthcare Finance Government Technology Retail Education Legal

Browse by year

Healthcare Data Breaches (801 indexed)

critical · healthcare · Feb 1, 2025

Change Healthcare

190M health records — largest healthcare breach in US history

View incident → Indexed 1 year, 3 months ago

high · healthcare · Jan 28, 2025

SSM Health

760K patient records stolen via compromised vendor portal at Missouri-based Catholic health system

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 27, 2025

Frederick Health

934K patient records exposed in ransomware attack

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 25, 2025

Mass General Brigham (Boston)

520K patient records exposed via compromised third-party scheduling vendor

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · healthcare · Jan 24, 2025

Change Healthcare (Ongoing Fallout)

Continued discovery of exposed records — total revised upward to 190M affected individuals

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · healthcare · Jan 24, 2025

Change Healthcare (2025 Update)

Updated count: 190M Americans affected — largest healthcare breach in US history confirmed

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 21, 2025

Ascension Health (Former Partner)

437K patient records stolen from former business partner system

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · healthcare · Jan 18, 2025

BrightSpring Health Services

3.4M home health and pharmacy patient records exposed in ransomware incident

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · healthcare · Jan 15, 2025

Conduent Business Services

10.5M individuals affected — SafePay ransomware targeting government health contracts

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 15, 2025

Concentra Health (2025)

890K patient records exposed in vendor platform breach

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 10, 2025

CommonSpirit Health (Follow-Up)

870K additional patient records identified from 2024 ransomware attack residual access

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 10, 2025

McGill University Health Centre

670K patient records stolen in targeted attack

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 10, 2025

GSK (GlaxoSmithKline)

560K pharmaceutical records exposed in targeted attack

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 10, 2025

Sentara Healthcare (Virginia)

780K patient records exposed

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 10, 2025

Frederick Health Medical Group

934K patient records compromised in ransomware attack on Maryland healthcare group

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 3, 2025

Anna Jaques Hospital

316K patient records stolen in Christmas Day ransomware attack on Massachusetts hospital

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · healthcare · Jan 2, 2025

Community Health Center Inc

1M patient records exposed in data breach

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · healthcare · Jan 2, 2025

Community Health Center (Connecticut)

1M+ patient records including SSNs and health diagnoses accessed by threat actor

View incident → Original disclosure Indexed 1 year, 4 months ago

high · healthcare · Jan 1, 2025

SickKids Toronto

Patient and research data temporarily encrypted in LockBit attack — decryptor provided after backlash

View incident → Original disclosure Indexed 1 year, 4 months ago

critical · healthcare · Dec 28, 2024

PowerSchool (student health records)

62M student and staff records including health data exposed

View incident → Original disclosure Indexed 1 year, 5 months ago

critical · healthcare · Dec 12, 2024

ESO Solutions

2.7M patient records from hospital and fire department EMS systems exposed in ransomware attack

View incident → Original disclosure Indexed 1 year, 5 months ago

high · healthcare · Dec 8, 2024

Saint Francis Health System (Oklahoma)

275K patient records exposed — attackers exfiltrated surgical and billing records

View incident → Original disclosure Indexed 1 year, 5 months ago

high · healthcare · Dec 5, 2024

University of Pittsburgh Medical

560K patient records stolen

View incident → Original disclosure Indexed 1 year, 5 months ago

high · healthcare · Dec 2, 2024

Vancouver Coastal Health Authority

445K patient records exposed after contractor laptop theft — unencrypted drive

View incident → Original disclosure Indexed 1 year, 5 months ago