The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health & Human Services (HHS) in May 2021.
This report will cover:
HIPAA Breaches Ranked by People Affected
Top Three Breach Types
- Other breach types affected the most individuals in May 2021.
- Network server breaches rank second with 2,714,029 people affected.
- Paper/film breaches affected 77,758 people in May 2021 and is the third most common breach type for the month.
HIPAA Breaches by Occurrence
Most Common Breach Types
- Network servers were the most common attack vector in May 2021, with 32 occurrences.
- Email breaches were the second most common, with 7 incidents.
- Paper/film breaches had a total of 6 breaches last month and were the third most common.
For the first month in a long time, network server and email breaches did not affect the most people.
20/20 Eye Care Network, Inc. had the largest data breach of May 2021 A hacking/IT incident via an “other” breach type affected 3,253,822 people. The organization’s Amazon AWS S3 buckets were accessed and data deleted. At the time of this publication, 20/20 Eye Care Network, Inc. did not have a conclusive determination of what data was accessed, exfiltrated, or deleted.
NEC Networks, LLC d/b/a CaptureRX had the second largest breach of the month. 1,656,569 people were breached via a network server incident.
Click here to view the HHS’ raw data via Google Sheets.
About the Paubox HIPAA Breach Report
The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals, as reported in the HHS Wall of Shame in May 2021.