Google AI list generated by asking for "biggest healthcare data breach". It is AI but, since factual, probably a good roundup. After the Change Healthcare breach, many in subsequent breaches may have been victims more than once.
The largest healthcare data breach in U.S. history was the Change Healthcare breach in 2024, which affected an estimated 190 million patient records. This attack, attributed to the BlackCat/ALPHV ransomware group, severely disrupted healthcare operations across the country, impacting pharmacy transactions, billing, and insurance claims.
Here's a more detailed look at some of the largest healthcare data breaches:
Change Healthcare (2024):
Impact: 190 million patient records.
Cause: Ransomware attack by the BlackCat/ALPHV group.
Consequences: Disrupted pharmacy transactions, billing systems, and insurance claims.
Anthem Blue Cross (2015):
Impact: 78.8 million patient records.
Cause: Cyberattack.
Data Stolen: Names, Social Security numbers, addresses, and dates of birth.
Community Health Systems (2014):
Impact: 4.5 million patients.
Cause: Cybercriminals believed to be in China exploiting a software vulnerability.
Trinity Health (2020):
Impact: 3.3 million patients.
Cause: Ransomware attack through a third-party vendor, Blackbaud.
OneTouchPoint (2022):
Impact: 2.6 million people.
Cause: Illegal access of its systems by cybercriminals.
Broward Health (2022):
Impact: 1.3 million patients.
Cause: Data breach through a compromised third-party medical provider.
Other Notable Breaches:
Shields Healthcare Group (2022): 2 million individuals affected.
Texas Tech University Health Sciences Center (2022): 1.2 million patient records.
Novant Health (2022): 1.3 million individuals.
Baptist Medical Center (2022): 1.24 million individuals.
These breaches highlight the vulnerability of the healthcare industry to cyberattacks and the significant impact these attacks can have on patient data and healthcare operations.