Hacking/IT Incident breaches reported to HHS OCR
A breach categorised as Hacking/IT Incident is one HHS OCR recorded under that heading on its HIPAA Breach Reporting Portal. In 2023-10-12 to 2026-06-16 there were 644 such breaches affecting 500+ individuals — 88.7% of all reported breaches, ranking it #1 of 4 types by volume, and affecting 355,345,365 individuals.
Quick answer
In 2023-10-12 to 2026-06-16, HHS OCR recorded 644 hacking/it incident breaches of unsecured protected health information affecting 500+ individuals, which is 88.7% of the 726 breaches reported across all types and makes it the #1 most common of 4. These breaches affected 355,345,365 individuals in total.
Source: U.S. HHS Office for Civil Rights — HIPAA Breach Reporting Portal (HIPAA Cases Currently Under Investigation (breaches affecting 500+ individuals)), under HITECH Act s.13402(e)(4); HIPAA Breach Notification Rule. This is a work of the U.S. federal government in the public domain. Figures are record counts and reported affected-individual totals for 2023-10-12 to 2026-06-16, retrieved 2026-06-27. Presented neutrally; this is statistics, not legal advice.
Recent hacking/it incident breaches
The 25 most recent breaches of this type in 2023-10-12 to 2026-06-16, exactly as reported to HHS OCR.
| Date | Covered entity / business associate | State | Individuals |
|---|---|---|---|
| 06/16/2026 | Gail J May Ltd d/b/a/ Insight Optical | IL | 501 |
| 06/05/2026 | Minnesota Epilepsy Group, P.A. | MN | 80,061 |
| 06/05/2026 | Xsolis, Inc. | TN | 1,396,519 |
| 06/03/2026 | Amicus Solutions, Inc. (additional related entities may be impacted, the names of which are available upon request) | SC | 1,137 |
| 06/03/2026 | City of Middletown | OH | 20,608 |
| 06/02/2026 | JASON R EGBERT OD PC | WA | 1,225 |
| 05/29/2026 | Campbell University | NC | 500 |
| 05/29/2026 | United Medical Doctors | CA | 501 |
| 05/23/2026 | Virta Medical PC | CO | 14,636 |
| 05/22/2026 | Acadia Healthcare Company, Inc | TN | 1,807 |
| 05/22/2026 | AUTOAPS LLC | CA | 1,591 |
| 05/22/2026 | Equinix Incorporated Group Health and Welfare Benefit Plan | CA | 677 |
| 05/22/2026 | Gastro Health | FL | 1,628 |
| 05/22/2026 | Gastro Health | FL | 35,632 |
| 05/22/2026 | Nottingham Village | PA | 5,240 |
| 05/22/2026 | Oakwood Lutheran Senior Ministries, Inc. | WI | 1,080 |
| 05/22/2026 | South Florida Injury Centers, Inc. | FL | 1,525 |
| 05/22/2026 | Southern Illinois Ob-Gyn Associates, S.C. | IL | 38,700 |
| 05/21/2026 | Coastal Carolina Centers of Urology and Surgery, LLC | SC | 2,886 |
| 05/21/2026 | Defense Health Agency (TriWest) | VA | 11,848 |
| 05/21/2026 | Ira L. Savetsky, MD PLLC | NY | 564 |
| 05/21/2026 | Radiology Associates of Richmond | VA | 266,183 |
| 05/21/2026 | Regence | OR | 2,856 |
| 05/20/2026 | Southwest Behavioral Health Services.org | AZ | 2,316 |
| 05/19/2026 | Singing River Health System | MS | 53,888 |
Other breach types
Compare with every other breach type's reported volume in 2023-10-12 to 2026-06-16.
Or return to the US healthcare data breaches hub for the full breakdown by state and the 356,175,086 individuals affected overall.
FAQ
- How many hacking/it incident healthcare breaches were reported to HHS OCR in 2023-10-12 to 2026-06-16?
- HHS OCR's portal lists 644 breaches categorised as hacking/it incident affecting 500 or more individuals in 2023-10-12 to 2026-06-16, collectively affecting 355,345,365 individuals. That is 88.7% of the 726 breaches reported across all types, ranking hacking/it incident #1 of 4 categories by volume. Figures are taken directly from the HHS OCR HIPAA Breach Reporting Portal.
- What does "Hacking/IT Incident" mean on the HHS breach portal?
- HHS categorises a breach as a Hacking/IT Incident when unsecured protected health information was exposed through a cyberattack or technical compromise — ransomware, stolen credentials, exploited vulnerabilities, or unauthorized network intrusion. It is now the dominant breach category.
- How can a healthcare organization prevent hacking/it incident breaches?
- Because hacking/it incident accounts for 88.7% of reported breaches in this data, the most effective controls are practical: multi-factor authentication and least-privilege access, prompt patching of internet-facing systems, encryption of protected health information at rest and in transit, tested offline backups, redaction and recipient checks before disclosure, and a rehearsed 60-day breach-response process. A structured compliance audit maps your data flows against the HIPAA Security Rule.
Data retrieved 2026-06-27 · reporting window 2023-10-12 to 2026-06-16.
Harden your data protection before it becomes a breach report
The overwhelming majority of the breaches in this data are hacking/IT incidents and unauthorized access — both reducible with basic access, email and backup controls. GeraCompliance's fixed-scope compliance sprint maps your data flows, hardens the controls behind these breach types, and leaves you with a tested incident-response plan — in days, not months.