HIPAA Breach Report for April 2024

The HIPAA breach report for April 2024 analyzes protected health information (PHI) breaches affecting 500 or more people, as reported to the Department of Health and Human Services (HHS) in March 2024.

This report covers:

• HIPAA breaches ranked by people affected
• HIPAA breaches ranked by occurrence
• Year-over-year comparison
• Takeaways
• Full data

HIPAA breaches ranked by people affected

Most common breaches by type

• Network server breaches affected the most people in March 2024. 2,760,139 individuals had their data breached.
• Email breaches were the second most common breach, with 164,143 people affected.
• Paper/films breaches affected 19,468 people, the third most common breach type.

HIPAA breaches ranked by occurrence

Most common breach types

• Network server was the most common attack vector in March 2024. There were 69 network server breaches.
• Email breaches were the second most common attack vector. There were 11 email breaches.
• Paper/films breaches were the third most common attack vector, garnering 5 attacks during the month.

Year-over-year comparison

These charts compare the HIPAA data breach statistics from previous Paubox HIPAA Breach Reports (April 2020, April 2021, April 2022, April 2023) with this month’s report.

HIPAA breaches ranked by people affected

What we observe

• Network server, email, and electronic medical record breaches affected the most people overall across this comparison.
• The number of people affected by Email breaches is down this month compared to April 2023's breach report and previous years, showing a slight downward trend.
• Despite electronic medical record breaches affecing the third most people over the last 5 years, this is driven by a large breach in 2020. Currently, electronic medical record breaches are at the lowest in five years.

HIPAA breaches ranked by occurrence

What we observe

• Network server, email, and paper/films breach types were the most common attack vectors in this comparison.
  
• 69 Network server breaches were reported in March, which is up from the previous years and trending upwards with a steady increase year over year.
• The total number of breaches has increased in this month's report by 46% year over year.
  

Takeaways

Network Server breaches affected the most people in March 2024. Risas Dental & Braces. had the most significant breach that affected 618,189 people. Emergency Medical Services Authority had the second-largest breach, which affected 611,743 people.

The yearly comparison shows that network server breaches were the most popular attack vectors for bad actors over the last four March months.

Overall, nearly 3 million individuals had their data accessed via 92 breaches during the last five Marches.

Full data

Click here to view the HHS’ raw data via Google Sheets.

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes recent PHI breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in January 2024.

SEE ALSO: HIPAA Compliant Email: The Definitive Guide

Robust inbound email security is a necessity for businesses today. Keeping your email security strategy updated helps ensure the protection of your network.