HIPAA Breach Report for December 2022

December Breach Report

The December Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health and Human Services (HHS) in November 2022.

This report covers:

HIPAA breaches ranked by people affected

Dec affected

Most common breaches by type

  • Network server breaches affected the most people in November 2022. 6,809,558 individuals had their data breached.
  • Email breaches were the second most common breach, with 49,681 people affected.
  • Electronic medical record breaches affected 25,219 people, the third most common breach type.

HIPAA breaches ranked by occurrence

Dec occurrence

Most common breach types

  • Network server was the most common attack vector in November 2022. There were 36 network server breaches.
  • Email breaches were the second most common attack vector. There were 7 email breaches.
  • Electronic medical record breaches were the third most common attack vector, garnering 4 attacks during the month.

Year-over-year comparison

These charts compare the HIPAA data breach statistics from previous Paubox HIPAA Breach Reports (December 2018, December 2019, December 2020, December 2021) with this month’s report.

HIPAA breaches ranked by people affected

dec aff yoy

What we observe

  • Network server, email, and electronic medical record breaches affected the most people overall across this comparison.
  • With the exception of an outlier in November 2020, email breaches have steadily increased year over year, affecting a total of 1,661,242 people in these months.

HIPAA breaches ranked by occurrence

Dec occurrence yoy

What we observe

  • Network server and email breach types were the most common attack vectors in this comparison.
  • Network server breaches more than doubled in November 2022 when compared to November 2021.
  • Paper/films breaches have seen a steady decline over this timespan, with only two occurrences in November 2022.

Takeaways

Electronic medical record breaches affected the most people in November 2022. Advocate Aurora Health had the most significant breach that affected 3,000,000 people. SightCare, Inc. had the second-largest breach, which affected 637,999 people.

The yearly comparison shows that network server breaches were the most popular attack vectors for bad actors over the last five November months. Over four million total individuals had their data accessed via 86 network server breaches during this time.

Full data

Click here to view the HHS’ raw data via Google Sheets.

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes recent PHI breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in November 2022.

SEE ALSO: HIPAA Compliant Email: The Definitive Guide

Robust inbound email security is a necessity for businesses today. Keeping your email security strategy updated helps ensure the protection of your network.

About the author

Sara Uzer

Read more by Sara Uzer

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader