1 min read

HIPAA Breach Report for January 2025

Picture of Dean Levitt Dean Levitt January 07, 2025

HIPAA Breach Reports
HIPAA Breach Report for January 2025

The HIPAA breach report for January 2025 analyzes protected health information (PHI) breaches affecting 500 or more people, as reported to the Department of Health and Human Services (HHS) in December 2024.

 

This report covers:

 

HIPAA breaches ranked by people affected

Paubox HIPAA Breach Report January 2025 - HIPAA breaches ranked by people affected

 

Most common breaches by type

  • Network server breaches affected the most people. 3,539,126 individuals had their data breached.
  • Email breaches were the second most common breach, with 591,862 people affected.
  • Other breaches affected 13,000 people, the third most common breach type.

 

HIPAA breaches ranked by occurrence

Paubox HIPAA Breach Report January 2025 - HIPAA breaches ranked by occurrence

 

Most common breach types

  • Network server was the most common attack vector. There were 31 network server breaches.
  • Email breaches were the second most common attack vector. There were 11 email breaches.
  • Electronic medical record, Other portable electronic device, and Paper/films breaches were the third most common attack vector, with 2 attacks each.

 

Year-over-year comparison

These charts compare the HIPAA data breach statistics from previous Paubox HIPAA Breach Reports (January 2021January 2022, January 2023, and January 2024) with this month’s report.

 

HIPAA breaches ranked by people affected

Paubox HIPAA Breach Report January 2025 - HIPAA breaches ranked by people affected - year-over-year comparison

 

What we observe

  • Network server, Email, and Other breaches affected the most people overall.
  • The number of people affected by email breaches is up significantly from the previous year.
  • Network server breaches are lower than in the previous year but still show an upward trend.

 

HIPAA breaches ranked by occurrence

Paubox HIPAA Breach Report January 2025 - HIPAA breaches ranked by occurrence - year-over-year comparison

 

What we observe

  • Network server, Email, and Paper/films breach types were the most common attack vectors.
  • 32 network server breaches were reported in December 2024, down from the previous year.
  • The number of December Email breaches has remained similar over the last few years.

 

Takeaways

Network Server breaches affected the most people in December 2024.

ConnectOnCall.com, LLC had the most significant breach, which affected 914,138 people. Richmond University Medical Center had the second-largest breach, which affected 674,033 people.

The yearly comparison shows network server breaches were the most popular attack vectors in the last five December months.

Overall, over 25 million individuals had their data accessed via 252 breaches during the last five Decembers.

 

Full data

Click here to view the HHS’ raw data via Google Sheets.

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes recent PHI breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in December 2024.

SEE ALSO: HIPAA Compliant Email: The Definitive Guide

Robust inbound email security is a necessity for businesses today. Keeping your email security strategy updated helps ensure the protection of your network.
Send PHI securely—No portals required. The all-in-one email security suite for healthcare. HIPAA compliant email with Google and Microsoft.

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.