.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
Dean Levitt
HIPAA Breach Report for April 2025
Dean Levitt : April 9, 2025
The HIPAA Breach Report for April 2025 analyzes protected health information (PHI) breaches affecting 500 or more individuals as reported to the...
The HIPAA breach report for February 2025 analyzes protected health information (PHI) breaches affecting 500 or more people, as reported to the Department of Health and Human Services (HHS) in January 2025.
This report covers:
- HIPAA breaches ranked by people affected
- HIPAA breaches ranked by occurrence
- Year-over-year comparison
- Takeaways
- Full data
HIPAA breaches ranked by people affected
Most common breaches by type
- Network server breaches affected the most people. 1,905,271 individuals had their data breached.
- Electronic Medical Record breaches were the second most common breach, with 1,065,647 people affected.
- Email breaches affected 77,971 people, the third most common breach type.
HIPAA breaches ranked by occurrence
Most common breach types
- Network server was the most common attack vector. There were 47 network server breaches.
- Email breaches were the second most common attack vector. There were 13 email breaches.
- Paper/films breaches were the third most common attack vector, with 5 attacks each.
Year-over-year comparison
These charts compare the HIPAA data breach statistics from previous Paubox HIPAA Breach Reports (February 2021, February 2022, February 2023, and February 2024) with this month’s report.
HIPAA breaches ranked by people affected
What we observe
- Network server, Email, and Electronic medical record breaches affected the most people overall.
- The number of people affected by email breaches is nine times higher than the previous year.
- Network server breaches are lower than in the previous year, but the previous year was an outlier.
HIPAA breaches ranked by occurrence
What we observe
- Network server, Email, and Paper/films breach types were the most common attack vectors.
- 47 network server breaches were reported in January 2025, the same as the previous year.
- The number of January Email breaches is double the previous year.
Takeaways
Network Server breaches affected the most people in January 2025.
Community Health Center, Inc. had the most significant breach, which affected 1,060,936 people. Medusind Inc. had the second-largest breach, which affected 701,475 people.
The yearly comparison shows that network server breaches were the most popular attack vectors in the last four January months.
Overall, over 16 million individuals had their data accessed via 248 breaches during the last five Januarys.
Full data
Click here to view the HHS’ raw data via Google Sheets.
About the Paubox HIPAA Breach Report
The Paubox HIPAA Breach Report analyzes recent PHI breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in January 2025.
SEE ALSO: HIPAA Compliant Email: The Definitive Guide
Robust inbound email security is a necessity for businesses today. Keeping your email security strategy updated helps ensure the protection of your network.
HIPAA Breach Report for March 2025
Dean Levitt : March 6, 2025
The HIPAA Breach Report for March 2025 analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the...
HIPAA Breach Report for May 2025
Dean Levitt : May 7, 2025
The HIPAA Breach Report for May 2025 analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department...