Ohio Medical Alliance (Ohio Marijuana Card)
July 14, 2025
•[ leak, misconfiguration, healthcare ]
Unsecured database exposed sensitive records of an estimated 30,00040,000 Ohio medical cannabis patients. Data included names, addresses, phone numbers, email addresses, medical marijuana card numbers, state ID numbers, and medical information. The database was discovered on July 14, 2025, by a security researcher and secured on July 15; no evidence of ransomware or encryption was found.
Philadelphia Corporation for Aging
July 10, 2025
•[ data leak, healthcare ]
A data breach at the Philadelphia Corporation for Aging allowed unauthorized access to systems between July 10 and July 25, 2025, during which personal and protected health information for 19,820 individuals was copied. PCA filed notice on November 4, 2025.
Undisclosed Florida orthopedic practice
July 8, 2025
•[ data leak, healthcare ]
Beckers reports a data breach affecting a Florida orthopedic practice; details on scope and vector limited.
Woodlawn Health
July 5, 2025
•[ ransomware, malware, healthcare ]
Woodlawn Health in Rochester, Indiana suffered a ransomware attack starting July 5, 2025, which encrypted systems and disrupted clinical and administrative operations. Systems were gradually restored, and officials confirmed that some patient care was impacted. Investigations continue into whether personal or medical data was exfiltrated.
Clinical Diagnostics NMDL (Eurofins) lab systems
July 3, 2025
•[ hack, healthcare ]
A breach at the Clinical Diagnostics NMDL lab in Rijswijk compromised personal and medical data of women who participated in cervical cancer screenings; hackers accessed the data starting July 3, 2025, with notification to affected individuals beginning around August 11
University of Iowa Community HomeCare
July 3, 2025
•[ hack, healthcare ]
Cybercriminal gained unauthorized access to UI Community HomeCare computer system on July 3, 2025; systems restored within one business day but files containing patient information were viewed and copied.
Royal Health
July 3, 2025
•[ hack, healthcare ]
Data breach at Royal Health Inc. detected on or about July 3, 2025, where an unauthorized party accessed documents potentially containing full names and Social Security numbers. The breach was disclosed to the Massachusetts Attorney General and notifications began August 21. Compensation inquiries are underway under Levi & Korsinsky LLPs investigation.
OutcomesOne
July 1, 2025
•[ social, phishing, healthcare ]
A phishing attack compromised a single employees email account for about one hour at OutcomesOne, a Florida-based professional services firm providing health IT and medication management support to insurers and pharmacies. Attackers accessed PHI stored in the organizations email application server, exposing data of roughly 149,000 individuals including names, demographics, provider, insurance, and medication information. No Social Security numbers or financial data were involved.
Pulse Urgent Care Center
July 1, 2025
•[ data leak, unauthorized access, healthcare ]
Unauthorized access to Pulse Urgent Care Centers network exposed patient PHI; no encryption or quantitative scope reported and threat actor unconfirmed.
MPOWERHealth
June 29, 2025
•[ ransomware, leak, hack ]
WorldLeaks, a criminal ransomware group, claimed responsibility for a June 29, 2025 cyberattack on MPOWERHealth in Addison, Texas. The attackers exfiltrated roughly 1.5 TB of data (over 1.6 million files), including PHI, insurance claims, internal documents, login credentials, and cyber-insurance records. While negotiations began, the company ceased responding, after which WorldLeaks leaked the stolen files. Reports indicate data theft and exposure but no confirmed operational outage.
Somerset County Children & Youth Services
June 26, 2025
•[ hack, healthcare ]
Email accounts of Somerset County CYS were breached during a fourday period; exposed data includes Social Security and insurance IDs, medical dates, condition/treatment info, sometimes paternity testing info; no confirmed misuse yet; County working with forensics, notifying affected, improving email security and staff training.
Viva Health Insurance
June 14, 2025
•[ leak, misconfiguration, healthcare ]
Viva Health, an Alabama-based health insurance company headquartered in Birmingham, experienced exposure of a web-accessible file from June 14 to August 27, 2025. The file contained limited PHI for about 4,945 members and was removed upon discovery. No misuse or encryption was reported.
Sturgis Hospital
June 12, 2025
•[ hack, healthcare ]
Sturgis Hospital confirmed a second unauthorized network access event discovered in June 2025 while investigating an earlier breach. The incident involved potential access to protected health information. No ransomware or disruption to hospital operations was reported.
Cardiovascular Medicine Associates, PA (MyCardiologist)
June 12, 2025
•[ data leak, healthcare, email compromise ]
Hackers accessed MyCardiologists email environment between May 30 and June 12 2025, exfiltrating patient information including medical and insurance details; no encryption or quantitative data reported.
Operation PAR, Inc.
June 10, 2025
•[ ransomware, leak, healthcare ]
On June 10, 2025, Operation PAR, Inc., a Florida nonprofit providing addiction and mental health services, was hit by the Worldleaks ransomware group. The attacker exfiltrated around 485 GB of datanearly 900,000 files containing sensitive PII and PHIand later posted it on a dark-web leak site. No encryption or service disruption was confirmed.
Precision Endodontics of Raleigh
June 10, 2025
•[ hack, healthcare ]
Precision Endodontics discovered unauthorized access to an email account on June 10, 2025. The breach exposed patient names and email addresses, and for some individuals, patient portal usernames and passwords. No misuse has been identified. The incident was reported to HHS-OTCR on August 5 and security improvements have been implemented.
Omnicuris
June 8, 2025
•[ leak, healthcare ]
In June 2025, the Indian CME platform Omnicuris suffered a data breach that exposed approximately 200k records of healthcare professionals. The data included names, email addresses, phone numbers, geographic locations and other data attributes relating to professional expertise and training progress. Omnicuris is aware of the incident.
Highlands Oncology Group
June 2, 2025
•[ ransomware, healthcare ]
Highlands Oncology Group notifies 113,575 people after ransomware attack by Medusa
West Texas Oral Facial Surgery
May 29, 2025
•[ hack, ransomware, leak ]
West Texas Oral Facial Surgery suffered a cyberattack beginning May 29, 2025, when INC RANSOM gained unauthorized access to its systems. Patient files including names, imaging data, and treatment reasons were exfiltrated, but no encryption of systems was reported. SSNs, financial information, and the electronic medical records system were not affected. The breach impacted over 11,000 individuals and was reported to HHS-OCR on August 2 and to the Texas Attorney General on August 4.
ApolloMD (Business Associate to 11 Physician Practices)
May 22, 2025
•[ ransomware, malware, healthcare ]
ApolloMD confirmed unauthorized access to its network on May 2223 2025 affecting 11 affiliated physician practices. The Qilin ransomware group claimed to have stolen approximately 238 GB of data, including patient and insurance information. ApolloMD did not confirm encryption or ransom payment.
