Paubox blog: HIPAA compliant email made easy

HIPAA Breach Report for May 2023

Written by Sara Uzer | May 26, 2023

The HIPAA breach report for May 2023 analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health and Human Services (HHS) in April 2023.

 

This report covers:

 

HIPAA breaches ranked by people affected

 

Most common breaches by type

  • Network server breaches affected the most people in April 2023. 4,259,256 individuals had their data breached.
  • Email breaches were the second most common breach, with 127,974 people affected.
  • Paper/films breaches affected 35,025 people, the third most common breach type.

 

HIPAA breaches ranked by occurrence

 

Most common breach types

  • Network server was the most common attack vector in April 2023. There were 30 network server breaches.
  • Email breaches were the second most common attack vector. There were 12 email breaches.
  • Paper/films breaches were the third most common attack vector. There were 6 attacks during the month. 

 

Year-over-year comparison

These charts compare the HIPAA data breach statistics from previous Paubox HIPAA Breach Reports (May 2019, May 2020, May 2021, May 2022) with this month’s report.

 

HIPAA breaches ranked by people affected

 

What we observe

  • Network server, email, and other breaches affected the most people overall across this comparison.
  • The number of people affected by email breaches more than doubled in April 2021 compared to April 2020.
  • The number of people affected by paper/films breaches has steadily increased in the last three April months. 

 

HIPAA breaches ranked by occurrence

What we observe

  • Network server, email, and paper/films breach types were the most common attack vectors in this comparison.
  • Laptop breaches have decreased across this comparison, with no occurrences in the past three April months.
  • The highest number of network server breaches occurred in April 2023.

 

Takeaways

Network server breaches affected the most people in April 2023. NationsBenefits Holdings, LLC had the most significant breach that affected 3,037,303 people. Brightline, Inc. had the second-largest breach, which affected 462,241 people.

The yearly comparison shows that network server breaches were the most popular attack vectors for bad actors over the last five April months. Over 8 million total individuals had their data accessed via 94 network server breaches during this time.

 

Full data

Click here to view the HHS’ raw data via Google Sheets.

 

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes recent PHI breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in March 2023.

SEE ALSO: HIPAA Compliant Email: The Definitive Guide

Robust inbound email security is a necessity for businesses today. Keeping your email security strategy updated helps ensure the protection of your network.