Pivot Health
March 13, 2026
•[ unauthorized access, cloud security, health insurance information ]
Pivot Health became aware of suspicious activity in its Amazon Web Services environment on or around March 13, 2026. Its investigation determined that an unauthorized actor accessed the AWS environment at various times between February 26, 2026 and March 13, 2026, and that certain information stored in AWS was viewed or copied. The affected data included health insurance and coverage information, identifiers, dates of coverage, and in some cases financial account information. Public reporting did not identify a responsible actor, ransomware, or operational disruption.
Erie Family Health Centers
December 10, 2025
•[ unauthorized access, data leak, medical records ]
Erie Family Health Centers detected unauthorized access in January 2026 and later determined that an unauthorized third party accessed its network between December 10, 2025 and January 27, 2026, exposing personal, financial, credential, medical, and health insurance information for approximately 570,000 individuals.
New York Life Insurance Company
December 2, 2025
•[ unauthorized access, email compromise, personally identifiable information ]
New York Life Insurance Company discovered unauthorized access to one of its agents' email accounts on December 2, 2025. After securing the account and completing its investigation, the company confirmed on April 8, 2026 that the compromised account contained some clients' personal information, including identifiers, financial information, medical information, and health insurance information. Public reporting did not identify a responsible actor, data volume, ransomware, or operational disruption.
Florida Physician Specialists
November 27, 2025
•[ unauthorized access, data breach, personal information ]
Florida Physician Specialists said unauthorized access to its network occurred between approximately November 27 and November 29, 2025. A review completed on April 6, 2026 determined that personal, financial, medical, and health insurance information may have been removed from the network, affecting 276,498 individuals.
Atlas Transfer and Storage
July 15, 2025
•[ unauthorized access, data breach, PII ]
Atlas Transfer & Storages notice states it identified suspicious activity on July 15, 2025 and launched an investigation. The investigation concluded that an unauthorized party copied certain files on the same date. Atlas reviewed the impacted files and stated the affected information varied by individual but could include identifiers and financial/health insurance information such as SSNs, tax IDs, drivers license/state IDs or other government IDs, payment card numbers, health insurance and medical information, and financial account information. Atlas stated it notified individuals and offered complimentary credit monitoring services.
