Skip to main content

Hacking/IT Incident breaches reported to HHS OCR

A breach categorised as Hacking/IT Incident is one HHS OCR recorded under that heading on its HIPAA Breach Reporting Portal. In 2023-10-12 to 2026-06-16 there were 644 such breaches affecting 500+ individuals — 88.7% of all reported breaches, ranking it #1 of 4 types by volume, and affecting 355,345,365 individuals.

Quick answer

In 2023-10-12 to 2026-06-16, HHS OCR recorded 644 hacking/it incident breaches of unsecured protected health information affecting 500+ individuals, which is 88.7% of the 726 breaches reported across all types and makes it the #1 most common of 4. These breaches affected 355,345,365 individuals in total.

644
Reported breaches
355,345,365
Individuals affected
88.7%
Share of all breaches
551,779
Avg. per breach

Source: U.S. HHS Office for Civil Rights — HIPAA Breach Reporting Portal (HIPAA Cases Currently Under Investigation (breaches affecting 500+ individuals)), under HITECH Act s.13402(e)(4); HIPAA Breach Notification Rule. This is a work of the U.S. federal government in the public domain. Figures are record counts and reported affected-individual totals for 2023-10-12 to 2026-06-16, retrieved 2026-06-27. Presented neutrally; this is statistics, not legal advice.

Recent hacking/it incident breaches

The 25 most recent breaches of this type in 2023-10-12 to 2026-06-16, exactly as reported to HHS OCR.

DateCovered entity / business associateStateIndividuals
06/16/2026Gail J May Ltd d/b/a/ Insight OpticalIL501
06/05/2026Minnesota Epilepsy Group, P.A.MN80,061
06/05/2026Xsolis, Inc.TN1,396,519
06/03/2026Amicus Solutions, Inc. (additional related entities may be impacted, the names of which are available upon request)SC1,137
06/03/2026City of MiddletownOH20,608
06/02/2026JASON R EGBERT OD PCWA1,225
05/29/2026Campbell UniversityNC500
05/29/2026United Medical DoctorsCA501
05/23/2026Virta Medical PCCO14,636
05/22/2026Acadia Healthcare Company, IncTN1,807
05/22/2026AUTOAPS LLCCA1,591
05/22/2026Equinix Incorporated Group Health and Welfare Benefit PlanCA677
05/22/2026Gastro HealthFL1,628
05/22/2026Gastro HealthFL35,632
05/22/2026Nottingham VillagePA5,240
05/22/2026Oakwood Lutheran Senior Ministries, Inc.WI1,080
05/22/2026South Florida Injury Centers, Inc.FL1,525
05/22/2026Southern Illinois Ob-Gyn Associates, S.C.IL38,700
05/21/2026Coastal Carolina Centers of Urology and Surgery, LLCSC2,886
05/21/2026Defense Health Agency (TriWest)VA11,848
05/21/2026Ira L. Savetsky, MD PLLCNY564
05/21/2026Radiology Associates of RichmondVA266,183
05/21/2026RegenceOR2,856
05/20/2026Southwest Behavioral Health Services.orgAZ2,316
05/19/2026Singing River Health SystemMS53,888

Other breach types

Compare with every other breach type's reported volume in 2023-10-12 to 2026-06-16.

Or return to the US healthcare data breaches hub for the full breakdown by state and the 356,175,086 individuals affected overall.

FAQ

How many hacking/it incident healthcare breaches were reported to HHS OCR in 2023-10-12 to 2026-06-16?
HHS OCR's portal lists 644 breaches categorised as hacking/it incident affecting 500 or more individuals in 2023-10-12 to 2026-06-16, collectively affecting 355,345,365 individuals. That is 88.7% of the 726 breaches reported across all types, ranking hacking/it incident #1 of 4 categories by volume. Figures are taken directly from the HHS OCR HIPAA Breach Reporting Portal.
What does "Hacking/IT Incident" mean on the HHS breach portal?
HHS categorises a breach as a Hacking/IT Incident when unsecured protected health information was exposed through a cyberattack or technical compromise — ransomware, stolen credentials, exploited vulnerabilities, or unauthorized network intrusion. It is now the dominant breach category.
How can a healthcare organization prevent hacking/it incident breaches?
Because hacking/it incident accounts for 88.7% of reported breaches in this data, the most effective controls are practical: multi-factor authentication and least-privilege access, prompt patching of internet-facing systems, encryption of protected health information at rest and in transit, tested offline backups, redaction and recipient checks before disclosure, and a rehearsed 60-day breach-response process. A structured compliance audit maps your data flows against the HIPAA Security Rule.

Data retrieved 2026-06-27 · reporting window 2023-10-12 to 2026-06-16.

Harden your data protection before it becomes a breach report

The overwhelming majority of the breaches in this data are hacking/IT incidents and unauthorized access — both reducible with basic access, email and backup controls. GeraCompliance's fixed-scope compliance sprint maps your data flows, hardens the controls behind these breach types, and leaves you with a tested incident-response plan — in days, not months.