Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

2 min read

HIPAA Breach Report for October 2021

HIPAA Breach Report for October 2021

The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health & Human Services (HHS) in September 2021.


This report will cover:

HIPAA breaches ranked by people affected

People-oct-2021

Most common breaches by type

  • Desktop breaches affected the most people in September 2021. 580,093 individuals had their data breached.
  • Network servers were the second most common breach, with 443,010 people affected.
  • Email breaches affected 171,544 people, the third most common breach type.

 

HIPAA breaches by occurrence

HIPAA Breach Report for October 2021

 

 

Most common breach types

  • Network servers were the most common attack vector in September 2021. There were eighteen networker server breaches.
  • Email breaches were the second most common attack vector; twelve attacks via email were reported.
  • Desktop breaches were reported four times last month.

 

Year over year comparison

These charts compare the numbers reported in previous Paubox HIPAA Breach Reports with this month’s report.

 

HIPAA breaches ranked by people affected

Occurrence-oct-2021

WHAT WE OBSERVE

  • Network servers, email, and desktop breaches affected the most people overall in September 2017-2021.
  • Network servers impacted more people than all other attack vectors combined.
  • Email breaches affected a total of 1,112,279 people and desktop breaches affected a total of 921,835 people.
  • There were two network server breaches that affected over 4 million people total in September 2020: Trinity Health and Inova Health Systems.

 

HIPAA breaches ranked by occurrence

Screen-Shot-2021-10-07-at-4.28.13-PM

WHAT WE OBSERVE

  • Network servers, email, and paper/films breaches were the most common attack vectors in September 2017-2021.
  • Network servers were breached a total of 94 times.
  • Emails breaches occurred a total of 62 times and paper/films breaches occurred 24 times.
  • The largest number of network server and email breaches happened in September 2020.

 

Takeaways

Desktop breaches affected the most people in September 2021. This is the first time in three months that network server breaches haven’t impacted the most individuals.

State of Alaska Department of Health & Social Services had the largest breach affecting 500,000 people. USV Optical, Inc. had the second-largest breach affecting 180,000 people.

When looking at the yearly comparison, we see that network server and email breaches are very popular attack vectors for bad actors over the last five September months.

Over 11,000,000 total individuals have had their data breached via network server and email breaches in this time frame.

 

Full data

Click here to view the HHS’ raw data via Google Sheets.

 

RELATED:  Google and HIPAA compliance: the ultimate guide

 

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals, as reported on the  HHS Wall of Shame in 2021.

 

SEE ALSO: HIPAA compliant email: the definitive guide

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.