Here are the five largest healthcare data breaches that have been tracked by the HIPAA Journal in 2023 so far:
1. Managed Care of North America
Covered entity type: Business associate
Individuals affected: 8,923,662
Type of breach: Ransomware attack
2. PharMerica
Covered entity type: Healthcare provider
Individuals affected: 5,815,591
Type of breach: Ransomware attack
3. Regal Medical Group (including Lakeside Medical Organization, A Medical Group, ADOC Acquisition Co., A Medical Group Inc. and Greater Covina Medical Group Inc.)
Covered entity type: Healthcare provider
Individuals affected: 3,300,638
Type of breach: Ransomware attack
4. Cerebral, Inc.
Covered entity type: Business associate
Individuals affected: 3,179,835
Type of breach: Impermissible disclosure (website tracking code)
5. NationsBenefits Holdings
Covered entity type: Business associate
Individuals affected: 3,037,303
Type of breach: Hacking incident (Fortra GoAnywhere MFT)