Cardiovascular Medicine Associates, PA (MyCardiologist)
June 12, 2025
•[ data leak, healthcare, email compromise ]
Hackers accessed MyCardiologists email environment between May 30 and June 12 2025, exfiltrating patient information including medical and insurance details; no encryption or quantitative data reported.
Operation PAR, Inc.
June 10, 2025
•[ ransomware, leak, healthcare ]
On June 10, 2025, Operation PAR, Inc., a Florida nonprofit providing addiction and mental health services, was hit by the Worldleaks ransomware group. The attacker exfiltrated around 485 GB of datanearly 900,000 files containing sensitive PII and PHIand later posted it on a dark-web leak site. No encryption or service disruption was confirmed.
Precision Endodontics of Raleigh
June 10, 2025
•[ hack, healthcare ]
Precision Endodontics discovered unauthorized access to an email account on June 10, 2025. The breach exposed patient names and email addresses, and for some individuals, patient portal usernames and passwords. No misuse has been identified. The incident was reported to HHS-OTCR on August 5 and security improvements have been implemented.
Omnicuris
June 8, 2025
•[ leak, healthcare ]
In June 2025, the Indian CME platform Omnicuris suffered a data breach that exposed approximately 200k records of healthcare professionals. The data included names, email addresses, phone numbers, geographic locations and other data attributes relating to professional expertise and training progress. Omnicuris is aware of the incident.
Highlands Oncology Group
June 2, 2025
•[ ransomware, healthcare ]
Highlands Oncology Group notifies 113,575 people after ransomware attack by Medusa
West Texas Oral Facial Surgery
May 29, 2025
•[ hack, ransomware, leak ]
West Texas Oral Facial Surgery suffered a cyberattack beginning May 29, 2025, when INC RANSOM gained unauthorized access to its systems. Patient files including names, imaging data, and treatment reasons were exfiltrated, but no encryption of systems was reported. SSNs, financial information, and the electronic medical records system were not affected. The breach impacted over 11,000 individuals and was reported to HHS-OCR on August 2 and to the Texas Attorney General on August 4.
ApolloMD (Business Associate to 11 Physician Practices)
May 22, 2025
•[ ransomware, malware, healthcare ]
ApolloMD confirmed unauthorized access to its network on May 2223 2025 affecting 11 affiliated physician practices. The Qilin ransomware group claimed to have stolen approximately 238 GB of data, including patient and insurance information. ApolloMD did not confirm encryption or ransom payment.
Doctors Hospital at Renaissance, Ltd. (DHR Health)
May 15, 2025
•[ data leak, healthcare ]
Doctors Hospital at Renaissance (DHR Health) notified the U.S. Department of Health & Human Services that it had experienced a data breach impacting sensitive personal and protected health information. An unauthorized party accessed systems storing patient records, potentially exposing names, Social Security numbers, clinical details, and insurance data for an undisclosed number of individuals. The hospital has since notified the Texas Attorney General and begun mailing breach letters, while law firm investigators explore potential compensation claims for patients whose information may be at heightened risk of identity theft and medical fraud.
PDI Health
May 14, 2025
•[ ransomware, leak, malware ]
On May 14, 2025, PDI Health discovered a cyberattack when the Everest ransomware group infiltrated its internal systems and exfiltrated sensitive patient records. The group leaked samples and claimed responsibility on the dark web, revealing more than 373,000 records stolen. No evidence of encryption or service disruption was confirmed.
Anchorage Neighborhood Health Center
May 9, 2025
•[ leak, healthcare ]
Anonymous group claims theft of ANHC patient records (10k, later 60k); FBI aware; at least one patient contacted with personal data. ANHC initiated investigation and took systems offline; scope/details pending.
Ontario Health atHome
April 13, 2025
•[ ransomware, data exfiltration, healthcare ]
Ontario Medical Supply (OMS), a vendor supporting Ontario Health atHomes home care supply operations, experienced a ransomware incident in 2025. Reporting described earliest observed access on March 17, 2025, followed by ransomware payload execution on April 13, 2025, after which OMS systems failed and the organization was locked out of a significant portion of servers. Internal reporting referenced impacts to roughly 200,000 patients and indicated breached data included names, contact information, and medical supplies/equipment ordered. OMS later stated only a limited amount of incomplete data was exfiltrated and said it found no evidence of misuse at the time of its statement.
Integrated Orthopedics of Arizona
April 7, 2025
•[ healthcare ]
The practice first detected unauthorized activity on April 7, 2025, and began notifying affected patients and regulators on August 11.
Fundamental Administrative Services, LLC
March 21, 2025
•[ hack, healthcare ]
On March 21, 2025, Fundamental Administrative Services, a healthcare management company based in Maryland, confirmed a data breach after discovering unauthorized access. Sensitive PII and PHI belonging to 56,235 patients was stolen, including SSNs, medical, and insurance data. No encryption or service disruption was reported.
Central Maine Healthcare
March 19, 2025
•[ hack, healthcare ]
An unauthorized actor accessed Central Maine Healthcares IT environment between March 19 and June 1, 2025, compromising sensitive patient data; systems were secured immediately and patient notifications began in late July 2025
Central Texas Pediatric Orthopedics
March 10, 2025
•[ data leak, healthcare ]
Austin pediatric orthopedics notified breach impacting ninety thousand patient records.
Szpital MSWiA (Ministry of Interior Hospital) Kraków
March 8, 2025
•[ ransomware, malware, healthcare ]
Cyberattack on the Ministry of Interior hospital in Krakw encrypted administrative and medical IT systems, fully paralyzing patient care and access to records. Hospital departments began restoring systems by March 11, indicating ~3 days of disruption. No data exfiltration or perpetrator identified.
Yale New Haven Health
March 8, 2025
•[ data leak, healthcare ]
YNHHS reported that an unauthorized third party accessed its network and on March 8 2025 obtained copies of certain patient data. The health system disclosed the breach publicly on April 24 2025, stating 5.5M+ patients were affected. Data types vary by individual and may include demographics, patient type, medical record number, and in some cases Social Security numbers. No encryption or operational shutdown was reported.
Szpital MSWiA (Ministry of Interior Hospital) Kraków
March 8, 2025
•[ ransomware, cyberattack, healthcare ]
Cyberattack on the Ministry of Interior hospital in Krakw encrypted administrative and medical IT systems, fully paralyzing patient care and access to records. Hospital departments began restoring systems by March 11, indicating ~3 days of disruption. No data exfiltration or perpetrator identified.
Central New York Cardiology
February 27, 2025
•[ data leak, healthcare ]
Practice reported a data breach impacting extensive patient PHI/PII per public notice.
DermCare Management (practice management company)
February 26, 2025
•[ hack, healthcare ]
Attack identified Feb 26, 2025; investigation confirmed Mar 3 that patient data may have been copied from DermCares network. At least 10 affiliated dermatology practices (mainly FL, plus TX) issued substitute notices; totals still being determined.
