More than 40 million patients' medical information has been involved in data breaches so far this year; at this rate, 2023 will break the record for most individuals affected in breaches.
Here are 11 healthcare data breach incidents that Becker's has reported on since Aug. 15:
1. Sioux Falls, S.D.-based Avera Health's imaging vendor, DMS Health Technologies, experienced a cybersecurity event that affected 1,500 of the health system's patients.
2. Tupelo-based North Mississippi Health Services shut down a hacker who had gained entry to its network after an employee opened a phishing email in 17 minutes. The organization noted that no financial information, Social Security numbers or EHRs were accessed, and it has no indication that any of the potentially breached data has been misused.
3. San Antonio-based CentroMed reported a data breach affecting 350,000 individuals. The hospital notified affected individuals and installed new safeguards.
4. A third-party vendor of Cumming, Ga.-based Milan Eye Center experienced a data breach that compromised patient information, including names and Social Security numbers, dates of birth, phone numbers, insurance coverage information, locations where services were provided, dates of service and health status.
5. Precision Anesthesia Billing filed a notice of data breach with HHS after an incident affected the personal information of 209,200 individuals.
6. Louisville, Ky.-based UofL Health confirmed that it has been affected by the data breach on popular file transfer tool MOVEit, which affected millions of people across a variety of industries.
7. Morris (Ill.) Hospital & Healthcare Centers disclosed a data breach that affected 248,943 patients. According to DataBreaches.net, the Royal Ransomware group claimed responsibility for the breach and added the hospital to its leak site.
8. More than 134,000 people enrolled or formerly enrolled in certain Massachusetts state programs had personal information, including medical details and financial data, compromised in a data breach involving MOVEit, a file transfer program used by Boston-based UMass Chan Medical School.
9. Vecino Health Centers, based in Houston, was affected by the MOVEit cyberattack and is notifying patients affected by the breach. Vecino Health Centers shares information with Bellaire, Texas-based Harris Health, which uses the MOVEit transfer software program. Harris Health experienced a hacking/IT incident affecting 224,703 individuals.
10. Parkersburg, W.Va.-based WVU Medicine Camden Clark Medical Centers and its physician group were breached because their financial institution, United Bank, used the MOVEit file transfer software that was infiltrated by hackers.
11. Nashville, Tenn.-based HCA Healthcare notified patients of a data breach. The health system said that 11.27 million patients were affected in the breach.