Precipio Inc.
November 23, 2025
•[ unauthorized access, data leak, protected health information ]
Precipio posted a Notice of Data Event stating it learned on or about November 25, 2025 that an unauthorized user accessed an employees cloud-based storage account. The companys investigation (with third-party cybersecurity specialists) determined the unauthorized access occurred on or around November 23, 2025 and that certain files in the account were copied without authorization. Precipio stated the impacted information varies by person but may include identifiers and protected health information such as names, addresses, MRNs, DOB, clinical/treatment and procedure information, provider name, prescription information, and health insurance information. The notice said law enforcement was notified and that additional notifications would follow after file review completion.
Munson Healthcare (via Cerner legacy systems)
January 22, 2025
•[ data leak, third party breach, healthcare data ]
Munson Healthcare confirmed that an unauthorized third party gained access to and obtained data maintained by its electronic health record vendor, Cerner, on legacy Cerner systems used by Munson. The investigation indicated access occurred at least as early as January 22, 2025, and could have exposed patient identifiers and clinical information, including Social Security numbers and medical record data. Munson and Cerner reported taking steps to secure the affected systems and notified impacted individuals with options for identity-protection services.
Dr. F.H. Wigmore Regional Hospital patients
July 1, 2024
•[ insider threat, unauthorized access, privacy breach ]
Saskatchewans Information and Privacy Commissioner found a privacy breach at Dr. F.H. Wigmore Regional Hospital where an emergency department unit clerk inappropriately accessed their own health record and the records of 98 other people, for a total of 102 accesses between July 2024 and June 2025. The decision found the employee also disclosed information learned from records in at least two instances, including sharing private health information with a co-worker and texting a family member about another relatives hospital admission.
