Paubox blog: HIPAA compliant email made easy

HIPAA Breach Report for June 2024

Written by Dean Levitt | June 28, 2024

The HIPAA breach report for June 2024 analyzes protected health information (PHI) breaches affecting 500 or more people, as reported to the Department of Health and Human Services (HHS) in May 2024.

 

This report covers:

 

HIPAA breaches ranked by people affected

 

Most common breaches by type

  • Network server breaches affected the most people in May 2024. 8,162,991 individuals had their data breached.
  • Email breaches were the second most common breach, with 222,714 people affected.
  • Electronic medical record breaches affected 42,906 people, the third most common breach type.

 

HIPAA breaches ranked by occurrence

 

Most common breach types

  • Network server was the most common attack vector in May 2024. There were 23 network server breaches.
  • Email breaches were the second most common attack vector. There were 17 email breaches.
  • Electronic medical record breaches were tied as the third most common attack vector, garnering 3 attacks each during the month.

 

Year-over-year comparison

These charts compare the HIPAA data breach statistics from previous Paubox HIPAA Breach Reports (June 2020, May 2021, May 2022, May 2023) with this month’s report.

 

HIPAA breaches ranked by people affected

 

What we observe

  • Network server, other, and email breaches affected the most people overall across this comparison.
  • The number of people affected by Email breaches is up dramatically from the year before. Email breaches are 13 times higher in May 2024 compared to May 2023.
  • There were no Other portable electronic device breaches in June 2024.

 

HIPAA breaches ranked by occurrence

 

What we observe

  • Network server, email, and paper/films breach types were the most common attack vectors in this comparison.
  • 23 Network server breaches were reported in May 2024, which is half of the previous year.
  • The total number of breaches has remained roughly the same year over year apart from May 2023, which was higher than this year and previous years.

 

Takeaways

Network Server breaches affected the most people in May 2024. A&A Services d/b/a Sav-Rx, Inc. had the most significant breach that affected 2.8 million people. WebTPA Employer Services, LLC (“WebTPA”) had the second-largest breach, which affected 2,518,533 people.

The yearly comparison shows that network server breaches were the most popular attack vectors for bad actors over the last 3 May months.

Overall, over 39 million individuals had their data accessed via 298 breaches during the last five Mays.

 

Full data

Click here to view the HHS’ raw data via Google Sheets.

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes recent PHI breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in January 2024.

SEE ALSO: HIPAA Compliant Email: The Definitive Guide

Robust inbound email security is a necessity for businesses today. Keeping your email security strategy updated helps ensure the protection of your network.