by Hannah Trum Senior Marketing Specialist
Article filed in

HIPAA Breach Report for May 2021

by Hannah Trum Senior Marketing Specialist

The Paubox Breach Report used HIPAA breach reporting submitted to the U.S. Department of Health & Human Services (HHS) in April 2021 to analyze the types of breaches of unsecured protected health information (PHI) affecting 500 or more people.

This report will cover:

HIPAA Breaches Ranked by People Affected

Top Three Breach Types

  • Network server breaches ranked first (again), with 1,671,081 people affected.
  • Email breaches ranked second, with 460,712 people affected.
  • Other breach types ranked third with 143,928 people affected.

HIPAA Breaches Ranked by Occurrence

Most Common Breach Types

  • Network server breaches were the most common attack vector in April 2021, with 27 occurrences.
  • Email breaches were the second most common, with 17 occurrences.
  • Other breach types were the third most common, with 4 total breaches last month.


Data breaches via network servers continue to be the most common type of breach and affect the most people. Email attacks remain a close second.

Trinity Health had the largest data breach in April 2021, with 589,869 people affected via a network server attack. Bricker & Eckler LLP had the next largest breach. 420,532 people were also affected via a network server attack.

Full Data

Click here to view HHS’ raw data via Google Sheets.

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals, as reported in the HHS Wall of Shame in April 2021.

SEE ALSO: HIPAA Compliant Email: the Definitive Guide