Largest Healthcare Data Breaches Still Matter Years Later, With 2024 Exposing Over 276 Million Records
- Historic Data Exposure: In 2024, over 276 million records were exposed or impermissibly disclosed in the healthcare sector.
- Shift in Attack Vectors: Hacking and IT incidents have become the dominant threat vector, accounting for nearly 80% of reported breaches in 2023.
- Escalating Severity: The magnitude of individual incidents has escalated drastically, with business associates increasingly becoming the primary point of vulnerability.
Recent analysis of healthcare data breach statistics indicates an escalation in the severity of cyber threats facing the medical industry. While 2023 set a record for the total number of reported incidents at 725, the following year was defined by the sheer volume of compromised data.
Unprecedented Surge in Compromised Records
Between 2009 and 2024, 6,759 healthcare data breaches of 500 or more records were reported to the Office for Civil Rights (OCR), which exposed the protected health information of 846,962,011 individuals. In 2024 alone, the protected health information (PHI) of more than 276 million individuals was exposed, a recent HIPAA report said.
This figure, driven primarily by the colossal ransomware attack on Change Healthcare, underscores a critical failure in current defensive postures. That attack affected an estimated 190 million individuals, making it the largest single healthcare data breach on record.
The 87 entries on the list also include the 2025 DaVita breach and Blue Shield of California, as well as the 2024 HealthEquity intrusion.
The report reveals a “downward trend” in improper disposal incidents and unauthorized access/disclosure incidents, but data breaches continue to rise “due to a massive increase in hacking incidents and ransomware attacks.”
Also, HIPAA reports that business associate data breaches have increased. In 2023, almost 35 million healthcare records were exposed due to breaches at healthcare providers, and over 93 million at business associates.
Dominance of Hacking and IT Incidents
Current data breach trends reveal a fundamental shift in the threat landscape. Early tracking by the Office for Civil Rights (OCR) often cited theft of physical records or devices as primary causes.
However, recent data confirms that hacking and IT incidents now constitute the overwhelming majority of breaches. In 2023, hacking accounted for 79.7% of all reported large-scale breaches.
This transition highlights the sophistication of modern threat actors who are aggressively targeting network vulnerabilities rather than physical assets, necessitating a more robust approach to cybersecurity in healthcare.
Compliance and Supply Chain Vulnerabilities
The rise in business associate breaches complicates HIPAA compliance efforts, as covered entities must grapple with the security postures of their third-party vendors. The concentration of data within these business associates creates high-value targets for cybercriminals.
As the industry faces these escalating threats, the focus must shift toward:
- Rigorous vendor risk management,
- Implementation of advanced encryption and monitoring protocols,
- Two-factor authentication on privileged accounts,
- Verification that appropriate permissions are applied to all storage volumes (cloud and on-premises),
- Checks of network connections for unauthorized open ports,
- Elimination of Shadow IT environments developed as workarounds.
A recently released audit conducted by Australia’s Audit Office revealed that NSW hospitals are vulnerable to cyberattacks due to poor management of cyber risks and failure to meet minimum requirements.
“This exposes the risk that a preventable cybersecurity incident could disrupt access to healthcare services and compromise the security of sensitive patient information,” the audit said.
Meanwhile, New Zealand is in the process of probing a major ManageMyHealth data breach, as hackers claim to have stolen over 428,000 files.








