by Hannah Trum Senior Marketing Specialist
Article filed in

HIPAA Breach Report for September 2020

by Hannah Trum Senior Marketing Specialist


The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health & Human Services (HHS) in August 2020.

This report will cover:

HIPAA Breaches Ranked by People Affected

HIPAA breaches ranked by people affected in September 2020 graph

Top Two Breach Types

  • Network Server breaches ranked first (again) with 1,842,946 people affected
  • Email breaches came in second with 282,871 people affected
  • The Other attack vector category came in third with 18,248 people affected

HIPAA Breaches Ranked by Occurrence

HIPAA breaches ranked by occurrence in September 2020 graph

The Most Common

  • Network Server and Email tied for the top spot as the most common breach type. Both had a total of 12 reported breaches in August.
  • Other and Paper/Films are tied for 3rd place with three reported breaches each.


As with the previous summer months, email and network servers continue to be the top contributors to data breaches.

Northern Light Health had the most massive breach, with 657,392 people’s data affected via a network server. Saint Luke’s Foundation had the second-largest breach in August 2020, with 360,212 people affected. This breach was also via a network server.

Full Data

Click here to view the raw data via Google Sheets.

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals, as reported in the HHS Wall of Shame in August 2020.