The HIPAA breach report for October 2023 analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health and Human Services (HHS) in September 2023.
This report covers:
- HIPAA breaches ranked by people affected
- HIPAA breaches ranked by occurrence
- Year-over-year comparison
- Takeaways
- Full data
HIPAA breaches ranked by people affected
Most common breaches by type
- Network server breaches affected the most people in September 2023. 6,854,737 individuals had their data breached.
- Other breaches were the second most common breach, with 950,854 people affected.
- Email breaches affected 257,706 people, the third most common breach type.
HIPAA breaches ranked by occurrence
Most common breach types
- Network server was the most common attack vector in September 2023. There were 36 network server breaches.
- Email breaches were the second most common attack vector. There were 10 email breaches.
- Other breaches were the third most common attack vectors, each garnering 4 attacks during the month.
Year-over-year comparison
These charts compare the HIPAA data breach statistics from previous Paubox HIPAA Breach Reports (October 2019, October 2020, October 2021, October 2022) with this month’s report.
HIPAA breaches ranked by people affected
What we observe
- Network server, email, and other breaches affected the most people overall across this comparison.
- Nearly 4 times more individuals were impacted by Network server breaches in September 2023 compared to September 2022
- The number of people affected by other breaches has risen drastically in September 2023 compared to previous years.
HIPAA breaches ranked by occurrence
What we observe
- Network server, email, and paper/films breach types were the most common attack vectors in this comparison.
- Network server breaches remain steady in September 2023, down only by one occurrence from the previous year.
- The number of other breaches has increased across this comparison with four occurrences in September 2023, up from one occurrence in each of the previous two years.
Takeaways
Network Server breaches affected the most people in September 2023. Arietis Health, LLC had the most significant breach that affected 1,975,066 people. Virginia Dept. of Medical Assistance Services had the second-largest breach, which affected 1,229,333 people.
The yearly comparison shows that network server breaches were the most popular attack vectors for bad actors over the last five September months. Over 18 million total individuals had their data accessed via 158 network server breaches during this time.
Full data
Click here to view the HHS’ raw data via Google Sheets.
About the Paubox HIPAA Breach Report
The Paubox HIPAA Breach Report analyzes recent PHI breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in September 2023.
SEE ALSO: HIPAA Compliant Email: The Definitive Guide
Robust inbound email security is a necessity for businesses today. Keeping your email security strategy updated helps ensure the protection of your network.
Subscribe to Paubox Weekly
Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.