{"license":"CC BY 4.0","attribution":"Patient Protect — patient-protect.com/breachdash","source":"HHS OCR Breach Portal with Patient Protect editorial enrichment","count":1000,"retrieved_at":"2026-07-07T12:44:22.455Z","incidents":[{"id":"01febeb9-4c76-47a6-beda-b0d028c688ae","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"97b0c3b1-1acf-4dd3-b8e0-22da21853995","entity_name":"Suspicious email mimicking insurance provider","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Message attempted to harvest credentials by impersonating the IT department."},{"id":"da8d1a1a-1041-4aad-a3f0-dd4fc463fbec","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"4c9531ee-35e9-4aa8-9ebc-983ec23cad95","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"6be9e538-1cfc-4d0b-8d63-6410346ba197","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"57dd53bc-721e-4c01-9e7e-3ad69103274b","entity_name":"Unknown device detected on clinic WiFi","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"eed636f5-775e-45d1-b648-d98e8058bb0a","entity_name":"AdaptHealth","reported_date":"2026-07-05","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. AdaptHealth experienced a data breach where attackers used social engineering to access internal patient management systems, document storage platforms, and external electronic health record systems, stealing sensitive patient data including insurance billing passwords."},{"id":"6835fa55-60c8-437f-814b-70d956c15427","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"aac15ea4-598c-4376-a430-e42ae9cef138","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"755d423a-5b14-4756-9cdd-5ef3214f63b9","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"94aa108b-7796-4ee7-942e-ee7e62892c3f","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Repeated calls from spoofed numbers targeting the billing department."},{"id":"41cb1e2f-bab1-482f-9c89-fa2c06387d7e","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"1cc94e52-3088-4d50-83a9-8622717d13db","entity_name":"Caller impersonating IT support","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"f2490995-8145-473d-b5ae-e2c5aebad5de","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"27c427f8-c212-44ed-92ce-14b0de5c30a6","entity_name":"Wisconsin Department of Health Services","reported_date":"2026-07-02","state":"WI","individuals_affected":8157,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"ae97d844-5dbd-4d6a-b69b-44a85559426b","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"51bd63b6-f2d5-4373-94c5-efbce2ddddd0","entity_name":"Unknown device detected on clinic WiFi","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"aef9a4a0-c4ae-43c9-9ab0-058402fb1d76","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"c9e1c38a-e436-49c2-a0e0-0db7eb079a5b","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"6d7051ac-f3b2-491e-a34c-69cf8f327ac1","entity_name":"Glucobit Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"ccd02ab8-5c83-497c-bd92-9fd4a937f254","entity_name":"Unregistered tablet accessing EHR system","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"5ac6d4ba-6637-45d0-8a93-cd2c4ad330e1","entity_name":"StoneFly Storage Concentrator","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":100,"summary":"Successful exploitation of these vulnerabilities could allow attackers to gain broad unauthorized access, execute arbitrary commands with root privileges, steal sensitive data, and perform actions on behalf of legitimate users across interconnected systems."},{"id":"0ec75aa8-3c33-40ab-8fd8-3d27c1965d84","entity_name":"Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"Successful exploitation of these vulnerabilities could allow a local attacker to tamper with or destroy information in the affected product, cause a denial-of-service condition in the affected product, or execute arbitrary code when a specially crafted archive file is decompressed by the 7-Zip component included in MELSOFT Update Manager."},{"id":"0d2531ed-1df2-4b21-974b-8be5877a6fda","entity_name":"Schneider Electric EasyLogic T150 and Saitel DP RTU","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"Successful exploitation of these vulnerabilities can allow an attacker to cause unauthorized access and exposure of sensitive information when the unauthenticated attacker accesses credentials stored within firmware or system files."},{"id":"11c8ae02-de8d-4789-baa2-075552b860e2","entity_name":"OFFIS DCMTK Toolkit","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to write files, access unauthorized information, exhaust memory, or crash affected DCMTK client or server processes."},{"id":"52f99d7e-b95b-4b59-b2e5-1714e1da4e1e","entity_name":"Kubota North America Corporation","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"22175b4a-2fc2-4e1f-9749-8b36495a343d","entity_name":"Virta Health","reported_date":"2026-07-01","state":"CO","individuals_affected":602,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"a0a9b7e7-6ae2-4af8-83cd-879dadccae35","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Access pattern suggests automated credential stuffing."},{"id":"b4825158-5a71-47b6-92fe-31d9e68591bb","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"c2b6d7a3-5180-42bf-a0dd-dec09a3a1813","entity_name":"Sierra Management Group","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"ae7cd713-f462-4126-a4d5-11f7a08a4d74","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"143e9dbd-f304-4305-a394-d0c497af04a3","entity_name":"Medtronic Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"bc97fe54-d3c1-4bde-9ea6-34efdf4df718","entity_name":"Screen left unlocked in patient area","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"63fffa15-63ba-4033-9648-eeffc74fcbe4","entity_name":"Suspicious email mimicking insurance provider","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"ccc0e073-6507-42d3-a1c2-6a6e75931f12","entity_name":"Unichem Petone","reported_date":"2026-07-07","state":"NZ","individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Unichem Petone, a Wellington pharmacy, experienced a data leak due to an error on its website, exposing sensitive patient messages."},{"id":"1d4839f0-a41d-4dec-84de-beb0ec7abbf3","entity_name":"Unichem Petone","reported_date":"2026-06-29","state":null,"individuals_affected":29,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A Wellington pharmacy at the centre of a data leak says sensitive patient information has now been scrubbed from the internet. Unichem Petone said it was contacting 29 patients affected by what it described as an error on the website that saw patients' private messages to the pharmacy via its 'contact us' form inadvertently exposed."},{"id":"b2529681-e7d9-4da8-ae0a-a44c9313757e","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"b278d5fb-a6c1-43d9-a176-2bd251b37d3d","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Rogue wireless access point discovered broadcasting near the facility."},{"id":"96eab195-1880-4ba9-b97e-d16accef951c","entity_name":"Screen left unlocked in patient area","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"131db4ac-ea50-453b-aef0-eb934eb4a407","entity_name":"Screen left unlocked in patient area","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"a16e8d24-7aaf-49d2-bfe5-c2819bdefc56","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"84e27b0f-2f01-4c8d-ba4a-9954ef694bc1","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"cf29e008-9494-4983-afe6-0adcd993885d","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"154b8264-e452-4d2f-94b1-c6626d88731a","entity_name":"Unregistered tablet accessing EHR system","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"1c7d4560-c88f-4b8b-a89d-b447e9651446","entity_name":"AssetMark, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"8a69bd93-aaba-4faf-94e1-05ad761c44ba","entity_name":"Bayamón Medical Center","reported_date":"2026-06-30","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The First Circuit affirmed the dismissal of a putative data breach class action against Bayamón Medical Center, holding that the plaintiff failed to plausibly allege that her injuries were traceable to the healthcare provider’s 2019 ransomware attack."},{"id":"16de31e0-56d7-47e8-82f0-9a9fb953fcca","entity_name":"Nissan North America Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"e1baaa5c-dfef-4b55-aeb0-7b49e21cbd7b","entity_name":"MCBS, LLC","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"fb700cca-ef66-4450-9622-17c297c06958","entity_name":"Blank Rome LLP","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"a4b22fdf-b580-45e3-b33b-1fb49d19f840","entity_name":"Yellow Corporation and its affiliated debtors and debtors-in-possession under their jointly administered chapter 11 cases (Case No. 23-11069 (Bankr. D. Del. (CTG))","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"3d83afff-b937-44fa-a53c-fe96d22ec85a","entity_name":"Colorado Health Network","reported_date":"2026-06-27","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Colorado Health Network (CHN) suffered a data breach in August 2025 where threat actors called Cephalus claimed to have acquired 900 GB of data."},{"id":"f9b6b58d-1cf4-4a74-abfa-394bad279ca5","entity_name":"Santa Monica Community College","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"a2471718-6b3d-4fa9-a9d0-e05f01e01fef","entity_name":"Daktronics Controller Firmware","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":81,"summary":"Successful exploitation of these vulnerabilities could could provide an unauthenticated user with complete root-level access and control of the system."},{"id":"8f383d34-72b2-4e5b-abd7-0c5aca1b31ad","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Removable media detected in a secure workstation without encryption."},{"id":"81adc977-18c8-4647-a7d0-7359eab37f98","entity_name":"Tower Administrative Services, Inc","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"2af3b1de-0585-4172-89d2-cdb80a784d83","entity_name":"Cisco Unified Communications Manager - Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root."},{"id":"91da5589-902e-4df1-a163-3f6873902fa8","entity_name":"Mercor.io Corporation","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"1f0d9b3f-08a2-4d0b-a070-62a4faa33b4d","entity_name":"Hausfeld LLP","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"91d13a4c-5f36-4e4a-b17d-70e0e2994f59","entity_name":"Caller impersonating IT support","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"ff724247-c5e3-4b32-a1ca-741335acc5ad","entity_name":"Colorado Health Network","reported_date":"2026-06-26","state":"CO","individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Colorado Health Network (CHN) was added to a dark web leak site by threat actors named Cephalus, who claimed to have acquired 900 GB of data. Cephalus later disappeared without leaking the data."},{"id":"bf603c0d-890e-43dc-ad7d-2cbfb56b5805","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"b9bbf4e0-08fb-4bff-8d43-25b1507f7344","entity_name":"Colorado Health Network (CHN)","reported_date":"2026-07-03","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Colorado Health Network (CHN) is notifying patients of a breach that occurred in August 2025 where threat actors, Cephalus, claimed to have acquired 900 GB of data. The data was not subsequently leaked publicly."},{"id":"778867be-f9aa-4a8e-a4c2-35e3b0beaf2e","entity_name":"OHIF Viewers DICOM","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":82,"summary":"Successful exploitation of this vulnerability in a custom integration version could allow an attacker to steal an authenticated clinician's token via a crafted link."},{"id":"67d49d61-1996-4a11-8b28-a24101b1f188","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Caller attempted to obtain patient information without proper verification."},{"id":"da44bdd9-3c99-4154-af52-1fab68587497","entity_name":"pydicom pynetdicom Library","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":91,"summary":"Successful exploitation of this vulnerability could allow an unauthenticated attacker to write to arbitrary file paths."},{"id":"b8c7039b-a7a2-4921-b1d0-8fa0ffda987b","entity_name":"AgelessRx","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"2f4e171b-ef4d-4a75-8b24-bb556ff5c685","entity_name":"Eisen, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"1b2d3765-9bea-4764-bda5-762b1fece61e","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"9a8b18a8-1836-4810-933e-d2e195e734c2","entity_name":"Glendale Community College","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"9980ec63-37a5-4bcb-9a67-eecafc75324c","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"6164fbf6-30cc-49c8-8f83-d6de6b3a9f76","entity_name":"Xolis","reported_date":"2026-06-24","state":null,"individuals_affected":1400000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network."},{"id":"43bc082d-9e8b-433c-81cd-c313c715f32f","entity_name":"Healthtech firm Xolis","reported_date":"2026-06-26","state":null,"individuals_affected":1400000,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Healthcare technology company Xsolis suffered a data breach impacting nearly 1.4 million individuals due to a phishing attack that compromised its network and sensitive data."},{"id":"6b24052c-bd45-49c2-8a07-fb58cf0c8736","entity_name":"Spoofed email requesting password reset","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"8f2ae08b-4002-4f91-9497-d4025985514a","entity_name":"First Advantage Corporation","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"d302ec80-1c06-4d31-b700-71dbf63e65a2","entity_name":"Xsolis","reported_date":"2026-06-25","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network."},{"id":"5276205f-0826-411e-a816-e1d6aae7b51c","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"18d70826-0b2b-4650-9d7a-287f60d2f597","entity_name":"Cherry Health","reported_date":"2026-07-03","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Cherry Health in Michigan detected suspicious network activity on April 19, 2026, which revealed that an unauthorized person or persons gained access to its network and copied data."},{"id":"aaf0f144-a6cb-4780-990e-be779488d962","entity_name":"Cherry Health","reported_date":"2026-06-23","state":"MI","individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Cherry Health in Michigan detected suspicious network activity on April 19, 2026. An investigation revealed that an unknown person or persons had gained access to its network and copied data, leading to a preliminary notice published on June 18."},{"id":"8fedf45e-63ce-47a3-a7c8-9d8506d882a2","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"18067798-266d-444e-af39-82d1bea5437f","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"91ec75a2-7f50-4f4a-bcb7-045f40648366","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"0f323a8a-11c6-4833-83b8-2c32dd73b6aa","entity_name":"Caller requesting patient info without verification","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"928c0e1a-8656-4912-8c87-a8a2af4cbbf9","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"User account credentials were shared via unencrypted email."},{"id":"d76b6bca-1d97-470f-ad0d-968b0c277a4c","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"10e9bcf3-9f80-43c7-bebb-89957816a97e","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"fb1d77e7-00ce-4293-bcb0-f459962c0f03","entity_name":"Xsolis, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown, as no detailed summary was provided in the context. However, based on the category, it is a healthcare-related data breach."},{"id":"d0c96ac9-4f83-49eb-baf2-94def6f05ac0","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"e8b6e4a4-4190-48de-930d-50cce1de94db","entity_name":"Blue Fish Pediatrics","reported_date":"2026-06-19","state":"TX","individuals_affected":41485,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Blue Fish Pediatrics notified 41,485 Texans about a data breach that occurred between July 11 and July 17, 2025, exposing personal and protected health information."},{"id":"e827e760-72ed-400d-b7e4-51792c106f13","entity_name":"Caller impersonating IT support","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"a16a5cfc-ab1f-4ffa-b231-c6b269f2607c","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"ffa55296-a102-48de-b07b-626706a0449b","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"8a37ba15-93e6-41e8-bd32-88b46eb5947a","entity_name":"Spoofed email requesting password reset","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"ab7a0dc7-3295-49fb-ba79-ac9fab7203ce","entity_name":"Xsolis, Inc.","reported_date":null,"state":"WA","individuals_affected":24711,"source_type":"state_ag","severity_score":70,"summary":"This is a healthcare-related data breach notification from Xsolis, Inc."},{"id":"00319647-ff8d-42cc-b59f-beb68eefcb79","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"489526d8-e05c-4096-a0be-6786d92986aa","entity_name":"One Medical","reported_date":"2026-06-20","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. One Medical, a primary care provider acquired by Amazon, is facing claims by the cybercriminal group ShinyHunters that they stole 8.8 terabytes of company data and threatened to publish it."},{"id":"f33cadf8-7162-4297-9bf6-a6f251770abe","entity_name":"Richard D. Jones, A Professional Law Corporation","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"2d9ea71f-7cd7-4473-a239-c918e33c005f","entity_name":"HCRG Care Group","reported_date":"2026-06-19","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. HCRG Care Group, a UK healthcare provider, is notifying patients over a year after a ransomware attack by the Medusa gang in February 2025."},{"id":"b73fd555-c96a-42e7-ae46-9555e4d1a7b2","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"An unregistered device was detected attempting to connect to the secure network."},{"id":"304f93dd-e997-44fd-8f47-be6f7fc9d473","entity_name":"Rockwell Automation FactoryTalk Historian Site Edition","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":77,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to obtain a valid authentication token, perform a denial of service, or crash the system."},{"id":"706b6b4c-6ac2-4084-9fcf-4dbeb68ea46e","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"91da03b8-dd70-4741-974d-d22f35f579ca","entity_name":"Rockwell Automation FactoryTalk Historian Site Edition","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":77,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to obtain a valid authentication token, perform a denial of service, or crash the system."},{"id":"763571ec-4ff5-4d92-a99a-dc3f5df1a4d3","entity_name":"Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":65,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive health-related information and prevent legitimate users from establishing a connection with the device."},{"id":"36db32cb-44ff-476c-bb96-5370f3b12440","entity_name":"Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":65,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive health-related information and prevent legitimate users from establishing a connection with the device."},{"id":"3ac24a47-563b-48e2-b32f-550481e8a94a","entity_name":"AssuranceAmerica Managing General Agency, LLC","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare-related data breach."},{"id":"e54c8946-c706-4e99-b6d9-2c268c9d716c","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"4b98feb3-7db8-4e2c-a772-471bb34e4e58","entity_name":"HSE","reported_date":"2026-06-21","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The HSE (Health Service Executive) has been fined €300,000 by the Data Protection Commission (DPC) over a breach of patient’s personal data in 2018 at the Midland Regional Hospital, Tullamore, following a ransomware attack on the laboratory information system."},{"id":"326ca095-457b-47fc-ab68-760668df867b","entity_name":"Suspicious email mimicking insurance provider","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"0db756da-87b0-497e-a66a-b131e2029465","entity_name":"Alcott HR","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"caf133d5-052d-46e7-876e-355255e0e046","entity_name":"University of Miami","reported_date":"2026-06-28","state":"FL","individuals_affected":6721,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"32d828c9-ee93-40fe-834d-c1b2222e57d0","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"59a7b234-ba3c-4f7d-847c-4c384d28878f","entity_name":"HSE (Midland Regional Hospital, Tullamore)","reported_date":"2026-06-18","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The HSE was fined €300,000 by the Data Protection Commission (DPC) over a ransomware attack on the laboratory information system at the Midland Regional Hospital, Tullamore, in 2018, leading to a breach of patient’s personal data."},{"id":"2bcbaac7-5b28-4a01-b340-1843a8399a02","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Removable media detected in a secure workstation without encryption."},{"id":"34fdec85-3b63-4211-ad96-e3e4afbbfd5e","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"6522b9d4-bcf0-4621-bc0b-52d530687998","entity_name":"NewYork-Presbyterian Hospital","reported_date":"2026-06-28","state":"NY","individuals_affected":6909,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"45f6416d-3239-49af-8dbe-41c28cc47274","entity_name":"Gail J May Ltd d/b/a/ Insight Optical","reported_date":"2026-06-27","state":"IL","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"8532cf85-74cd-4ac1-afb4-7855c84eabf6","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Access pattern suggests automated credential stuffing."},{"id":"741e51fc-0bc3-4231-9fc3-21afa790a1cf","entity_name":"iRhythm Holdings","reported_date":"2026-06-17","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applications."},{"id":"93b7d1e3-d27c-4626-b004-55c2ec2d1adb","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"eed3c3f6-98d1-45fc-a7d0-6518208bb16b","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"3de89fb5-af9a-4cba-8b5d-2ed838cafda9","entity_name":"REDCap servers (North American medical institution)","reported_date":"2026-06-16","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A China-linked espionage campaign targeted exposed REDCap servers to deploy the InfiniteRed malware and steal sensitive data from a medical institution in North America."},{"id":"07521064-3c5e-4be3-996c-c2ab315a1a96","entity_name":"REDCap servers (medical institution in North America)","reported_date":"2026-06-17","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":32,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A China-linked espionage campaign targeted exposed REDCap servers to deploy the InfiniteRed malware and steal sensitive data from a medical institution in North America."},{"id":"c5b4f24a-d699-430e-993f-6cfba4402c93","entity_name":"Cisco Catalyst SD-WAN Manager - Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system."},{"id":"8b667f57-53c7-4aca-9efc-9d35ae6990f2","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"1913dec8-e6a0-41c7-97fd-f6333d32ce09","entity_name":"medical institution in North America","reported_date":"2026-06-18","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":28,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A China-linked espionage campaign targeted exposed REDCap servers to deploy the InfiniteRed malware and steal sensitive data from a medical institution in North America."},{"id":"101f34f2-2c5f-4b77-9121-46cd85d776d2","entity_name":"Networking Technology, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare-related data breach."},{"id":"c2d9bfd4-ee08-4891-8bec-e40acd45b1c3","entity_name":"a medical institution in North America","reported_date":"2026-06-19","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A China-linked espionage campaign targeted exposed REDCap servers to deploy InfiniteRed malware and steal sensitive data from a medical institution in North America."},{"id":"965a9a89-9cab-4f41-ab7f-be25742c49ec","entity_name":"Access attempt from retired employee credentials","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"f93bb4bd-8f6f-4990-8bfb-241b8602852d","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"An unregistered device was detected attempting to connect to the secure network."},{"id":"f0d81735-f93a-4381-8625-85172ef15da7","entity_name":"Ransomware","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":90,"summary":"Ransomware attacks or encryption threats"},{"id":"eac4b174-ac40-4dc1-af32-9f55affcdef6","entity_name":"Suspicious email mimicking insurance provider","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"ffa10c94-9aa9-474f-ae6b-2a9a127fa7fc","entity_name":"Caller requesting patient info without verification","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"32c01148-1fcd-468d-a7b5-467f6a023e3d","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Caller used knowledge of internal procedures to attempt identity verification bypass."},{"id":"040b7266-d8ba-4a5a-99a2-eccd068356d0","entity_name":"Kentucky MSO, LLC","reported_date":"2026-06-28","state":"KY","individuals_affected":537,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"7e34bf65-fee4-41b8-9713-ab19c73e164c","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"ad8b185e-f8ec-46d2-87bf-8e916df0e902","entity_name":"Ohio Living","reported_date":"2026-07-07","state":"OH","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"1768ed0c-5030-431d-9866-65e930ca3843","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"a80f8df9-81e6-4547-979c-e6544e68d8de","entity_name":"Virta Medical PC","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"a0294bca-a4ba-4e18-99f1-5d96be47dd65","entity_name":"the West Series of Lockton Companies, LLC","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare-related data breach."},{"id":"4e0e7794-7b35-4b67-aeed-b2e84fefb113","entity_name":"Novo Nordisk","reported_date":"2026-06-13","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Danish pharmaceutical giant Novo Nordisk disclosed a data breach affecting patient information from some clinical trials."},{"id":"785328e9-9550-49b1-973a-170affcb1b36","entity_name":"Labcorp (via American Medical Collection Agency)","reported_date":"2026-06-16","state":null,"individuals_affected":10251784,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Labcorp reached a $35 million settlement over the 2019 American Medical Collection Agency (AMCA) breach, which affected 10,251,784 Labcorp patients."},{"id":"12a64e58-0824-4a2e-bacb-901214cc168e","entity_name":"Lumexa Imaging","reported_date":null,"state":"WA","individuals_affected":3632,"source_type":"state_ag","severity_score":50,"summary":"This is a healthcare-related data breach notification from Lumexa Imaging."},{"id":"48891ddd-6b2f-4ef4-a34a-9afeff8c6704","entity_name":"Columbia Pacific Advisors, LLC","reported_date":null,"state":"WA","individuals_affected":1585,"source_type":"state_ag","severity_score":50,"summary":"Data breach impacting personal and health information."},{"id":"8aadd85d-5d40-49bb-ab0a-a82eecf08db1","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"f3ea90a4-3d92-4d66-927d-06d8bd87c1af","entity_name":"Labcorp","reported_date":"2026-06-13","state":null,"individuals_affected":10251784,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Labcorp, a client of American Medical Collection Agency (AMCA), was affected by a breach at AMCA that exposed the data of over 10 million patients. Labcorp notified HHS of the breach in July 2019."},{"id":"d3c2fd06-0a53-42c0-b016-0a7fdb91eedc","entity_name":"Brickcom Cameras","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":77,"summary":"Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gain unauthorized access to live video feeds, retrieve sensitive visual information from affected premises, and obtain administrative control of the device. The following versions of Brickcom Cameras are affected: Brickcom Cube 3.2.3.5.6, Brickcom Dome 3.2.3.5.6, Brickcom Bullet 3.2.3.5.6, Brickcom Box 3.2.3.5.6."},{"id":"ce9ad98d-3177-4c78-89ed-5b09f88e408e","entity_name":"Ivanti Sentry - Ivanti Sentry OS Command Injection Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the Sentry appliance is in an unmanaged state with its endpoints externally reachable. The use of mTLS with EPMM or restricted HTTPS access through Neurons for MDM makes interfaces inaccessible to external actors."},{"id":"3442f435-ab12-4dec-8fe1-b19495c06b2e","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"5154ee81-cf2e-4823-b4c1-abadeefbcf0d","entity_name":"Yarbo Android/iOS Mobile Application and Cloud Infrastructure","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to obtain hard-coded credentials, gain access to telemetry data, and potentially send operational commands to the robot fleet."},{"id":"81a930e5-a307-4b4a-acde-ce2d4ae872ed","entity_name":"Clinical Registry Solutions","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"e264fb11-f119-423f-a750-9277b713622e","entity_name":"Chickasaw Nation Department of Health","reported_date":"2026-06-27","state":"OK","individuals_affected":1607,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"c8ae9d4e-c61c-49ed-9d4a-06df8de9874c","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"3909e498-e8fa-42a5-9b91-674fb5e22de2","entity_name":"After-hours login attempt detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"3ed13d8d-6377-41c8-b32e-7d84eb96e2cf","entity_name":"Caller impersonating IT support","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"8643329d-2f77-4194-8e96-5ab972aeb1ae","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"932f02c4-3fb8-47b5-8615-0d4f623e8a04","entity_name":"unknown Thai government agency","reported_date":"2026-06-12","state":null,"individuals_affected":67100000,"source_type":"modeled_breach","severity_score":48,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A civil society group has petitioned a parliamentary committee to investigate a massive data breach after a government agency leaked the national ID numbers and healthcare details of approximately 67.1 million people."},{"id":"bcb8240b-d404-4ded-8369-9e2691e82c2c","entity_name":"Thai government agency (healthcare details)","reported_date":"2026-06-17","state":null,"individuals_affected":67100000,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A civil society group has petitioned a parliamentary committee to investigate a massive data breach after a government agency leaked the national ID numbers and healthcare details of approximately 67.1 million people."},{"id":"4a0bec90-f341-4158-b74a-dd48c7f17a1d","entity_name":"Trinity Health System","reported_date":"2026-06-28","state":"MI","individuals_affected":2480,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"aefc3f8e-1eb1-44f6-8d6b-26b54fbe6980","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"5a9f492f-0bec-44c2-a441-8c68682d2320","entity_name":"a government agency in Thailand","reported_date":"2026-06-11","state":null,"individuals_affected":67100000,"source_type":"modeled_breach","severity_score":48,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A civil society group has petitioned a parliamentary committee to investigate a massive data breach after a government agency leaked the national ID numbers and healthcare details of approximately 67.1 million people."},{"id":"7b097ece-aac4-4edb-8f21-8f25e3dc9fc0","entity_name":"Fake invoice attachment from unknown sender","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Message attempted to harvest credentials by impersonating the IT department."},{"id":"8e6cbf52-a49b-4ce3-b383-c3e782c45fc9","entity_name":"Dr. Erick Perroud","reported_date":"2026-07-05","state":"MI","individuals_affected":7692,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"3e67c936-7886-47f4-bfb7-531b81c0d39b","entity_name":"Siemens WinCC Certificate Manager","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":71,"summary":"WinCC Certificate Manager insufficiently protects key material that could allow an attacker to extract sensitive information. Siemens has released a new version for SIMATIC WinCC Unified PC Runtime V21 and recommends to update to the latest version. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."},{"id":"92a84144-c3ae-46bb-abda-d0c3cac51859","entity_name":"Siemens SINEC INS","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"SINEC INS before V1.0 SP2 Update 6 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC INS and recommends to update to the latest version."},{"id":"21fa7c61-1748-459e-849b-556e1a85fa9d","entity_name":"Schneider Electric Modicon Network Managed Switches","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":90,"summary":"Schneider Electric is aware of a RADIUS protocol vulnerability affecting its Modicon Network Managed Switch product. The Modicon Network Managed Switch product provides connectivity for multiple Ethernet devices, network management, enhanced cyber security and more advanced switching features. Failure to apply the mitigation provided below may risk forgery attacks in RADIUS Protocol, which could result in modification of any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response which could result in the possibility of denial of service and loss of confidentiality, integrity of the devices connected to the switch."},{"id":"142be79a-a347-4348-91cb-21424da7994e","entity_name":"Schneider Electric EcoStruxure Panel Server","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"Schneider Electric is aware of its vulnerability in its EcoStruxure Panel Server offer. The EcoStruxure Panel Server is a high performance, modular gateway with enhanced cybersecurity that provides easy and fast connections to multiple concurrent edge control or cloud applications. Failure to apply the remediations provided below may risk unauthorized authentication, which could lead to access to sensitive information."},{"id":"2bd84c19-8bf6-4600-9fc4-1859558a1316","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"e7358842-4f6f-45fe-af03-6a8ecea449ff","entity_name":"Cisco Catalyst SD-WAN Manager - Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system."},{"id":"d31901e2-13d0-4e55-9a2a-b876c20787f1","entity_name":"Siemens KACO Blueplanet Inverters","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":83,"summary":"KACO blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the credentials from the devices serial number and misuse them to gain unauthorized access. KACO new energy GmbH has released new versions for several affected products and recommends to update to the latest versions. KACO new energy GmbH is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."},{"id":"0c8670b0-bcbb-4439-913e-74ab0ad5a699","entity_name":"South African Police Service","reported_date":"2026-06-11","state":null,"individuals_affected":3000,"source_type":"modeled_breach","severity_score":48,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Confidential medical records of almost 3,000 South African police officers were leaked among staff, raising concerns about sensitive data security."},{"id":"40dce9a0-ee86-46a8-8f39-be72ef5be733","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"ca5a6358-2c6b-4d53-a828-130ae23dc478","entity_name":"Siemens Products using OpenSSL","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service (DoS) or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."},{"id":"c697cd64-ed9a-40bb-a889-7afcd0ad394f","entity_name":"Siemens SIPROTEC 5 Using DIGSI5 Protocol","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":61,"summary":"SIPROTEC 5 is vulnerable to arbitrary file uploads by authenticated users using the DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, potentially causing a permanent denial of service condition. As a mitigation measure, users of the CP050 and CP150 device models are advised to upgrade to version 9.90 or later. For CP300 device models, devices 7ST85 and 7ST86 are advised to upgrade to version 10.00 or later, while the remaining models should upgrade to version 9.90 or later. These versions introduce an allow-list feature that restricts arbitrary file uploads and reduces the risk associated with this vulnerability. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."},{"id":"0ea9f695-7db6-431d-85e8-1ea97385a0b5","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Access pattern suggests automated credential stuffing."},{"id":"eb2cb226-d624-44d2-a360-e92c22561da9","entity_name":"National Hospital Organization (Hokkaido hospitals)","reported_date":"2026-06-16","state":null,"individuals_affected":510000,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hard drives from two Hokkaido hospitals were sold online, resulting in a leak of personal information from at least 180,000 patients and employees, with a potential impact on up to 510,000 people."},{"id":"9aba26d1-7d06-48dc-bfa9-158546c1bbe7","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Individual attempted to gain physical access to restricted area using false pretenses."},{"id":"e440c6b8-b795-4bb8-9b37-bb163852010f","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"600d293c-7843-474d-a3cc-c6586da795d9","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"98202dda-d97d-43df-ad74-709db73bbe7a","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"3bbe1f99-751a-4be7-b994-a6d1724c5b87","entity_name":"National Hospital Organization (Japan)","reported_date":"2026-06-10","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hard drives from two hospitals in Hokkaido were sold online, leading to a leak of personal information from at least 180,000 patients and employees. The leak could affect up to 510,000 people."},{"id":"d8738de1-9943-4eeb-801f-d1b643cef629","entity_name":"Mid and South Essex NHS Foundation Trust","reported_date":"2026-06-09","state":null,"individuals_affected":2380,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Around 2,380 patient test records were stolen in a cyber attack that affected data held by third-party provider Synnovis."},{"id":"420bb69e-f2b8-4820-8bbd-3fa85672994e","entity_name":"Lutheran Home for the Aged","reported_date":"2026-07-07","state":"MO","individuals_affected":2311,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"04a0486b-0f7d-4b6d-8b36-bfedfe86224e","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"6fdedb0d-2584-493f-bf9a-accd07bf92d4","entity_name":"Hokkaido Medical Center","reported_date":"2026-06-09","state":null,"individuals_affected":510000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hard drives from two Hokkaido hospitals were sold online, potentially leaking personal information from up to 510,000 patients and employees."},{"id":"1797008b-81c0-4fec-8f09-5335f3880514","entity_name":"Hokkaido hospitals","reported_date":"2026-06-14","state":null,"individuals_affected":510000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hard drives from two hospitals in Hokkaido were listed on auction sites, resulting in a leak of personal information from at least 180,000 patients and employees. The leak could potentially affect up to 510,000 people."},{"id":"f6e5d8c4-ae7e-4332-a124-2c058942f8d5","entity_name":"Hokkaido hospitals (National Hospital Organization)","reported_date":"2026-06-17","state":null,"individuals_affected":510000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Japan's National Hospital Organization says hard drives from two hospitals in Hokkaido were listed on auction sites, resulting in a leak of personal information from at least 180,000 patients and employees. The group warns that the leak could potentially affect up to 510,000 people."},{"id":"37d1cb79-a409-47cf-bf87-e5231045d193","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"1b72c314-a9ea-49ca-a857-4d61524b355b","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Repeated calls from spoofed numbers targeting the billing department."},{"id":"7b8f7d33-cd69-4efa-a75a-c2f190382e1a","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"7401f1ff-eab2-4afe-a5bc-672fbf00ecdd","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"913c873f-1505-447a-ba63-23ee88083d61","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Access pattern suggests automated credential stuffing."},{"id":"86dd9c83-352a-418f-9102-790b4a71ea26","entity_name":"Unregistered tablet accessing EHR system","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"55c78319-d50f-4176-9708-8958c059e34e","entity_name":"MVP VIP Holdco dba Heart of America Eye Care","reported_date":"2026-07-07","state":"MO","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"dbc7cd89-f193-4013-99db-c62440613ed8","entity_name":"Gay & Lesbian Community Services Center of Orange County, Inc.","reported_date":"2026-07-07","state":"CA","individuals_affected":75532,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"11b808c4-1f0d-4c42-be7c-fd20a72bad6e","entity_name":"Xsolis, Inc.","reported_date":"2026-06-22","state":"TN","individuals_affected":1396519,"source_type":"hhs_breach","severity_score":95,"summary":""},{"id":"e4281e5f-4bb8-4870-bb1e-70f3827f4db3","entity_name":"Minnesota Epilepsy Group, P.A.","reported_date":"2026-06-23","state":"MN","individuals_affected":80061,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"d411e9bb-0700-4b23-8949-8a575990409a","entity_name":"Signature Healthcare Corporation","reported_date":"2026-07-05","state":"MA","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"d5a040e4-a5e4-4096-827f-8339b3f456d3","entity_name":"Gay & Lesbian Community Services Center of Orange County Inc","reported_date":null,"state":"WA","individuals_affected":1249,"source_type":"state_ag","severity_score":50,"summary":"Name; Driver's License or Washington ID Card Number; Financial & Banking Information; Full Date of Birth"},{"id":"74503ee7-c8ac-48cf-9f5d-eb87a77037ed","entity_name":"UnitedHealth Care Services, Inc. Single Affiliated Covered Entity","reported_date":"2026-07-07","state":"CT","individuals_affected":34574,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"be10d6a9-9b74-492f-8492-5fcd3b8dc0b7","entity_name":"B&R PPT30 Operating System","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"B&R is aware of a vulnerability in the product versions listed as affected in the advisory. An attacker who successfully exploits this vulnerability could make the OPC-UA server of the product inaccessible. The following versions of B&R PPT30 Operating System are affected: PPT30 Operating System <1.8.0, 1.8.0 (CVE-2025-11482)"},{"id":"60191fcf-9610-4cf2-9a8b-4817a5bb3a5d","entity_name":"McLeod Physician Associates II","reported_date":"2026-07-05","state":"SC","individuals_affected":19553,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"5c6ac6df-723a-4e0b-9fe7-ecd8955a122b","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"6153cd71-5026-460b-a018-84337b5b0eae","entity_name":"Access attempt from retired employee credentials","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"ce2d3b19-e28e-4011-8ba9-1efc517294b4","entity_name":"Hitachi Energy MACH HiDraw","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":55,"summary":"Hitachi Energy is aware of a buffer overflow vulnerability that affects MACH HiDraw product versions listed in this document. Successful exploitation of this vulnerability could lead to a buffer overflow condition, potentially resulting in application outages (denial of service) and possible arbitrary code execution. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. The following versions of Hitachi Energy MACH HiDraw are affected: MACH HiDraw vers:MACH_HiDraw/<=9.22 (CVE-2026-7310)"},{"id":"66cfd031-7244-462a-b038-24cb4131e88d","entity_name":"Hitachi Energy RTU500","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":78,"summary":"Hitachi Energy is aware of vulnerabilities that affect RTU500 product versions listed in this document. If exploited, these vulnerabilities primarily impact product availability, with potential secondary impacts on confidentiality and integrity. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. The following versions of Hitachi Energy RTU500 are affected: RTU500 series CMU Firmware vers:RTU500_series_CMU_Firmware/>=12.7.1|<=12.7.7, vers:RTU500_series_CMU_Firmware/>=13.5.1|<=13.5.4, vers:RTU500_series_CMU_Firmware/>=13.6.1|<=13.6.3, vers:RTU500_series_CMU_Firmware/>=13.7.1|<=13.7.8, 13.8.1, vers:RTU500_series_CMU_Firmware/>=13.7.1|<=13.7.7 (CVE-2025-69421, CVE-2026-24515, CVE-2026-25210, CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2026-8479, CVE-2025-69421, CVE-2026-24515, CVE-2026-25210, CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2026-8479, CVE-2025-69421, CVE-2026-24515, CVE-2026-25210, CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2025-69421, CVE-2026-24515, CVE-2026-25210, CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2026-8479, CVE-2026-8479)"},{"id":"2d73b00c-f234-455b-9bea-4dd652921248","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"6f0d4068-b2f0-407a-856f-053510702055","entity_name":"NAVTOR NavBox","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":63,"summary":"Successful exploitation of this vulnerability could allow a local attacker to gain unauthorized access to SOAP methods, resulting in a disruption of operations. The following versions of NAVTOR NavBox are affected: NavBox 4.16.1.20 (CVE-2026-21404)"},{"id":"31f4c04e-3232-4d2a-ae74-3dddfb6e6c60","entity_name":"Hitachi Energy ITT600 Explorer","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"Hitachi Energy is aware of vulnerabilities that affect ITT600 Explorer product versions listed in this document. These vulnerabilities can be exploited to carry out Denial of Service (DoS) attack on the product. The vulnerabilities only affect Hitachi Energy Integrated Testing Tool ITT600 SA Explorer without affecting IEC 61850 system endpoints. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. The following versions of Hitachi Energy ITT600 Explorer are affected: ITT600 Explorer vers:ITT600_Explorer/<2.1_SP6, vers:ITT600_Explorer/<=2.1_SP6, 2.1_SP6 (CVE-2024-8176, CVE-2025-59375)"},{"id":"c01f408e-01c5-436c-baec-b73729bfe969","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"a5ee44ef-1d34-4d91-9fbc-3d46701ed31e","entity_name":"Suspicious LinkedIn message from fake recruiter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Caller used knowledge of internal procedures to attempt identity verification bypass."},{"id":"deb1cf5b-0d39-4809-a88a-0753297a7972","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Caller attempted to obtain patient information without proper verification."},{"id":"0d100d00-1bd0-4dfc-bfa6-c9187dc8ba55","entity_name":"Amicus Solutions, Inc. (additional related entities may be impacted, the names of which are available upon request)","reported_date":"2026-06-22","state":"SC","individuals_affected":1137,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"c4efab2e-c77d-4c08-897f-b87c0ac25d11","entity_name":"City of Middletown","reported_date":"2026-06-23","state":"OH","individuals_affected":20608,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"f68a9b75-2688-4063-b1f1-fd7d72b0ccfb","entity_name":"WellPoint (Independent Clinics of Washington, Elevance Health)","reported_date":null,"state":"WA","individuals_affected":12017,"source_type":"state_ag","severity_score":70,"summary":"Unknown breach type affecting Independent Clinics of Washington, a subsidiary of Elevance Health. Individuals' names, Social Security numbers, driver's license/ID numbers, dates of birth, health insurance policy/ID numbers, and medical information were compromised."},{"id":"032bd00e-1fd8-4f6a-9924-df46ef4eee9c","entity_name":"Henry Rossi & Company, LLP","reported_date":"2026-07-05","state":"PA","individuals_affected":2720,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"195dd8e8-cd10-4219-8fa7-546f0a35998e","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"c6334d9b-76ee-4a1d-a3e6-17a0d0377daf","entity_name":"JASON R EGBERT OD PC","reported_date":"2026-06-10","state":"WA","individuals_affected":1225,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"c3b2a6d0-4765-4629-89e9-7097d1a70362","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"a7c33aca-ccd9-4f34-a4b4-8ed850bd08d4","entity_name":"Lincoln National Corporation d/b/a Lincoln Financial","reported_date":"2026-06-27","state":"IN","individuals_affected":3070,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"8c7c0d86-b2e6-41fb-81bd-7624bce420d5","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Access pattern suggests automated credential stuffing."},{"id":"acfde753-2730-4ca2-8f4c-1bbbb867ade0","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"2b143b17-0a53-45fb-9846-851f2bd8fe6f","entity_name":"Area Agency on Aging Pasco-Pinellas Inc","reported_date":"2026-06-28","state":"FL","individuals_affected":1000,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"dbd24bc6-677b-407e-afa8-323f37656bf3","entity_name":"unknown entity","reported_date":null,"state":"IN","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"This is a placeholder for information that could not be extracted from the provided HTML. The link 'DataBJune26.pdf' likely contains a list of breaches for the year 2026. Without access to open the PDF, the details of individual breaches cannot be extracted."},{"id":"7dad993a-9529-48c4-9600-b49ee917ca92","entity_name":"Te Whatu Ora Health New Zealand","reported_date":"2026-06-04","state":"N/A","individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. New Zealand's Privacy Commissioner found that Te Whatu Ora Health New Zealand failed to protect health information following an inquiry into a major breach of sensitive personal information."},{"id":"514bf94d-2f3d-4fe4-be3c-b1b406f5ec8c","entity_name":"Indiana Attorney General","reported_date":null,"state":"IN","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"The Indiana Attorney General's office reported several security breaches across various entities for the year 2026. Data types exposed varied by incident but generally included personal identifying information. The exact number of individuals affected per incident is not specified in the summary but is implied to be significant enough to warrant public disclosure."},{"id":"b07e3c8b-c3f0-4844-84f9-c3a6872829d7","entity_name":"Manage My Health","reported_date":"2026-06-14","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. New Zealand's Privacy Commissioner found Te Whatu Ora Health New Zealand and Manage My Health Limited failed to protect health information following a hack, in one of New Zealand's largest known breaches of sensitive personal information."},{"id":"98e22e94-7769-4ae8-a19f-a1a9dd865796","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"e50aa47d-cc9d-4eb2-8394-7d1a1db66407","entity_name":"Anthem, Inc.","reported_date":null,"state":"IN","individuals_affected":78800000,"source_type":"state_ag","severity_score":95,"summary":"Health insurance giant Anthem, Inc. suffered a cyberattack exposing personal information of current and former members. Data exposed includes names, dates of birth, social security numbers, medical IDs, street addresses, email addresses, and employment information."},{"id":"8ba30b96-3ad8-43cc-a712-c2be36449802","entity_name":"University of California, Los Angeles (UCLA) Health","reported_date":null,"state":"CA","individuals_affected":4500000,"source_type":"state_ag","severity_score":95,"summary":"Cyberattack exposed patient data."},{"id":"b0b74f1e-0537-4566-9e3d-6ad7be09bcc1","entity_name":"Te Whatu Ora Health New Zealand and Manage My Health Limited","reported_date":"2026-06-02","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. New Zealand's Privacy Commissioner found Te Whatu Ora Health New Zealand and Manage My Health Limited failed to protect health information following a hack, one of the country's largest known breaches of sensitive personal information."},{"id":"5fd81cae-1673-41c4-9092-8752b1d8e002","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"51e3b6d6-cbce-43a6-9fd5-7ab8256751aa","entity_name":"Caller requesting patient info without verification","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Caller attempted to obtain patient information without proper verification."},{"id":"ae29cb4a-8e23-406c-8dcd-b681847ad185","entity_name":"Medenet Inc.","reported_date":"2026-07-05","state":"FL","individuals_affected":1387,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"c369c574-3f13-47ab-90b9-75b83b451ac6","entity_name":"Unspecified Entity","reported_date":null,"state":"IN","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Data breach information from a report updated in June 2026."},{"id":"d1a7b521-7ded-4195-87de-700c40aa055a","entity_name":"Indiana Family and Social Services Administration (FSSA)","reported_date":null,"state":"IN","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"An IT incident at FSSA resulted in the exposure of protected health information for an unknown number of individuals. Details on the specific data types exposed were not provided in the summary."},{"id":"f191ead3-a70a-4f39-bc3f-44c8728f5af1","entity_name":"Caller impersonating IT support","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"7e308c15-4e99-4633-8f0d-45661d0b6f47","entity_name":"Manage My Health Limited","reported_date":"2026-06-04","state":"N/A","individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. New Zealand's Privacy Commissioner found that Manage My Health Limited failed to protect health information following an inquiry into a major breach of sensitive personal information."},{"id":"88b08f94-50a1-4696-ae5c-9b2230c97deb","entity_name":"Unnamed Entity","reported_date":null,"state":"IN","individuals_affected":1,"source_type":"state_ag","severity_score":30,"summary":"This is a placeholder summary for a healthcare-data-related breach."},{"id":"2d18d4eb-237a-4e3a-8532-ccd7dc52ddf5","entity_name":"Spoofed email requesting password reset","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"b0910d52-b4bf-4bcb-9b29-beb0e5f80fb9","entity_name":"Spoofed email requesting password reset","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"e4791ded-797d-4015-a4a7-7e37e66b0553","entity_name":"Unknown device detected on clinic WiFi","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"An unregistered device was detected attempting to connect to the secure network."},{"id":"f8924a31-2ac6-4077-a678-4d69c3b486ce","entity_name":"Unregistered tablet accessing EHR system","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"50eebf5e-91b7-46b2-a6dc-1110bdaa89f6","entity_name":"Suspicious email mimicking insurance provider","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"6dc34e0a-b92b-419f-b566-3dbc9760302d","entity_name":"Spoofed email requesting password reset","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"cf601c22-2a4a-44f9-9c06-cc19fd321fcc","entity_name":"Networking Technology, Inc. (RXNT)","reported_date":null,"state":"WA","individuals_affected":4480,"source_type":"state_ag","severity_score":50,"summary":"Unknown breach type. Names, Social Security numbers, dates of birth, and medical information were compromised."},{"id":"4bb9aa0a-c4c7-4a19-9041-e9b6a666f774","entity_name":"Almerys (French Health Payments)","reported_date":"2026-06-02","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Almerys, a French healthcare payments middleman, reported that hackers breached a key authorization portal, potentially exposing sensitive personal data including France’s equivalent of a Social Security number."},{"id":"c67ff3ea-1d68-45a2-a76b-02be0e7f3a68","entity_name":"23andMe","reported_date":"2026-06-02","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. California Attorney General Rob Bonta filed a lawsuit against 23andMe (now Chrome Holding Co.) for its failure to protect sensitive customer genetic and personal information in a 2023 breach."},{"id":"d0afebf3-5403-4f22-9dcc-fe8adc1c67c1","entity_name":"23andMe (Chrome Holding Co.)","reported_date":"2026-06-02","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. California AG Rob Bonta sued Chrome Holding Co., formerly 23andMe, over a 2023 data breach that affected customer DNA test kit information, including ancestry and genetic predispositions for certain health conditions."},{"id":"7e054362-8062-4bf4-995a-cb589023e794","entity_name":"23andMe (now Chrome Holding Co.)","reported_date":"2026-06-04","state":"CA","individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The California Attorney General is suing 23andMe over a 2023 breach that exposed customer genetic and personal health data."},{"id":"249a0d0d-fdda-4f60-a5be-9a0118121f16","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"84702a4e-8887-4877-9ec9-017043be8081","entity_name":"IMA Diligence Services, LLC","reported_date":null,"state":"WA","individuals_affected":1977,"source_type":"state_ag","severity_score":50,"summary":"Unknown breach type. Individuals' names, Social Security numbers, driver's license/ID numbers, financial/banking information, dates of birth, health insurance policy/ID numbers, and medical information were compromised."},{"id":"04041fb0-f287-4887-bf24-58f296980bbf","entity_name":"Palo Alto Networks PAN-OS - Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection."},{"id":"b6cae339-e01a-46aa-afea-b5bdb8990d07","entity_name":"United Medical Doctors","reported_date":"2026-06-17","state":"CA","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"a4a676d8-ad3d-43ec-bdcd-2e355cbbcf6f","entity_name":"Almerys","reported_date":"2026-05-30","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Almerys, a French healthcare payments middleman, reported a data breach where hackers accessed a key authorization portal, potentially exposing sensitive personal data including social security numbers."},{"id":"2aacf870-54e8-42ee-8100-11666641b768","entity_name":"Unknown device detected on clinic WiFi","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"ca4f4d95-51e7-47d8-9220-08012873c0f3","entity_name":"Almerys (French Health Payments middleman)","reported_date":"2026-06-04","state":"N/A","individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hackers broke into a key authorization portal of Almerys, a French health-care payments company, potentially exposing sensitive personal data including social security numbers."},{"id":"b34d56af-2d01-433f-900f-762e0c09e21f","entity_name":"Campbell University","reported_date":"2026-06-23","state":"NC","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"b667ebca-836d-4b0a-8126-991da2e47af6","entity_name":"Caller impersonating IT support","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"1d58a2b0-b095-4c4c-8e48-7a3e69394c67","entity_name":"ABB Busch-Welcome 2 Wire Door Opener Actuator","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":68,"summary":"ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could gain physical, unauthorized access to a Building where the product is installed. The following versions of ABB Busch-Welcome 2 Wire Door Opener Actuator are affected: Switch Actuator 4 DU vers:all/*, Switch actuator, door/light 4 DU vers:all/*."},{"id":"f23668a3-f4bf-417a-a2b5-780f325c5606","entity_name":"Fourth Frontier Frontier X Mobile Application, Frontier X2","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"Successful exploitation of this vulnerability could allow an attacker to read and write arbitrary handle values and change clinical readings, which could result in taking control of the device and lead to patient harm."},{"id":"b70141ea-c653-460f-ac33-2d55e2637156","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"29b8901b-6f78-453f-a44b-499a4ca3a5ae","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"cbac0e77-296d-4122-a34c-acc98c172b8b","entity_name":"Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of this vulnerability could result in an attacker gaining administrator access to the device. The following versions of Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter are affected: USR-W610 RS232/485 to Wi-Fi/Ethernet Converter 7.03T.07."},{"id":"39379124-c865-46c5-809d-505bc72be062","entity_name":"CP Plus 8 Ch. Network Video Recorder","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":84,"summary":"Successful exploitation of this vulnerability allows an attacker's malicious script to execute in the browser of any authenticated user or administrator who accesses the affected interface. This could lead to compromise of user sessions, execution of unauthorized actions with the victim's privileges, exposure or manipulation of sensitive data, and degradation of overall system integrity. The following versions of CP Plus 8 Ch. Network Video Recorder are affected: CP-UNR-108F1 Hardware V1.0, CP-UNR-108F1 Web V3.2.7.128806, CP-UNR-108F1 System V4.001.00AT009.0.R."},{"id":"7a5ec13b-c188-498f-aff6-14cbb0bf7a4a","entity_name":"Schnieider Electric EcoStruxure Machine Expert HVAC","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":55,"summary":"Schneider Electric is aware of a vulnerability in its EcostruxureTM Machine Expert HVAC product. The [EcostruxureTM Machine Expert HVAC](https://www.se.com/ww/en/download/document/EcoStruxureME_HVAC/) product is a programming software for Modicon M171-M172 logic controllers. Failure to apply the remediation provided below may risk in revealing sensitive information, which could result in disclosing protected source code, leading to loss of confidentiality."},{"id":"64531100-f65c-47f8-ae17-9419cbd0fcd3","entity_name":"XCharge C6","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to gain administrator rights or execute code on the affected device. The following versions of XCharge C6 are affected: C6."},{"id":"ef69c642-77c0-496f-ac88-60401cb5af11","entity_name":"MacGregor Voyage Data Recorder (VDR) G4e","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":83,"summary":"Successful exploitation of these vulnerabilities could result in an attacker gaining administrator access to the device. The following versions of MacGregor Voyage Data Recorder (VDR) G4e are affected: MacGregor Voyage Data Recorder (VDR) G4e <V5.250."},{"id":"01c439be-25f6-4d9f-a5d2-f866637491aa","entity_name":"KMW CCTV Security Cameras","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":91,"summary":"Successful exploitation of this vulnerability may grant full unauthorized access to camera feeds and settings."},{"id":"0ebbc1fa-7d00-4e1d-9f5f-1ed6604f9bc5","entity_name":"Fourth Frontier Frontier X Mobile Application, Frontier X2","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range to perform unauthorized control of device functions, including starting/stopping activities, triggering vibrations, causing denial-of-service conditions, and fuzzing characteristic values to induce unexpected behavior. Additionally, the Frontier X mobile application lacks proper BLE device authentication, allowing attackers to impersonate a legitimate Frontier X2 device and connect to the application. By cloning BLE advertisements and exposing expected GATT characteristics, attackers can manipulate activity states and inject fabricated health telemetry such as breathing rate, heart rate, strain, and other health-related data into the mobile application."},{"id":"629364d3-b5bc-4cd3-89e3-d601f9494d30","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"bcdbdac9-b370-4428-90ab-65bafdbb9d7f","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"1d51f53f-4ae6-4ed3-a142-e1ff3d3d32b4","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"491475fc-c9a3-47bf-b702-0b9623bc1aa1","entity_name":"Eppendorf BioFlo 320","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of this vulnerability could allow an attacker to gain full access to functionality and data with the bioreactor."},{"id":"750b0242-d569-4960-95fc-7e77c27a7142","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"61be264d-9adf-4480-a2da-5abf346dea6c","entity_name":"Screen left unlocked in patient area","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"0dffe320-3dcd-425a-82ad-011c31962acc","entity_name":"MCNA Dental","reported_date":null,"state":"IN","individuals_affected":8900000,"source_type":"state_ag","severity_score":95,"summary":"Unauthorized third-party accessed systems and acquired sensitive personal information."},{"id":"39aafd85-e80a-4575-9e10-c74499fc898d","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"a9c35119-fa90-42fe-b5c6-c649bc232048","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"c6c10120-7fac-49be-b2d2-25a7d205f2ad","entity_name":"ERMI LLC","reported_date":"2026-07-05","state":"GA","individuals_affected":74074,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"5d23af18-cc6c-42a2-aed7-a864ede80a03","entity_name":"ERMI LLC","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"This is a healthcare-related data breach. It affected a healthcare entity."},{"id":"26e7ff6a-9043-43c3-845e-11e6bd583c48","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Message attempted to harvest credentials by impersonating the IT department."},{"id":"e006f1f4-3312-4c89-94cc-eee9e8320ae1","entity_name":"Spokane Digestive Disease Center, P.S.","reported_date":null,"state":"WA","individuals_affected":2093,"source_type":"state_ag","severity_score":50,"summary":"Unknown breach type. Individuals' names, Social Security numbers, driver's license/ID numbers, financial/banking information, dates of birth, and medical information were compromised."},{"id":"5f65e2d4-6b27-4d68-9b0f-2065b1bd2b0d","entity_name":"Eppendorf BioFlo 320","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"The affected product is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have full access to all control panel features for the BioFlo 320. VNC traffic is not encrypted."},{"id":"ecab1312-d030-4517-a0f7-167e583fd9a6","entity_name":"Wellmark Health Insurance","reported_date":"2026-06-05","state":"IA","individuals_affected":6666,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"ce2edcae-7a27-484b-931d-fd6381a851c0","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"fb0303c4-88ea-4b4d-ac58-c47ff96c3f34","entity_name":"DocketWise","reported_date":"2026-05-28","state":null,"individuals_affected":143000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hackers accessed names, addresses, Social Security numbers, financial information, and medical data from third-party partner repositories."},{"id":"8244a695-de5e-4663-9740-9b0ffbfe067b","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"3ee4ff59-0f71-46dc-a28b-445703e2aa36","entity_name":"Fake invoice attachment from unknown sender","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"8f1cc046-8766-4f2c-a629-96be8ca0b07a","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"f39b92fe-38d6-4e79-bbc0-259336092f48","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"8353c47d-faf9-41cb-bdd9-270c81cb14d3","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Repeated calls from spoofed numbers targeting the billing department."},{"id":"d7348a0c-3e3f-476d-aee2-0d3185c244ca","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"52a92c34-5881-4fd1-a20b-228d127c58ba","entity_name":"Virta Medical PC","reported_date":"2026-06-16","state":"CO","individuals_affected":14636,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"a2a5a34a-2e73-4d23-a6e5-14fdc4451730","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c."},{"id":"8fa67b9f-d86f-4598-9545-f29173c18408","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown im-pact and attack vectors."},{"id":"454604eb-2d71-4ac9-ad22-ed55b19631ec","entity_name":"Equinix Incorporated Group Health and Welfare Benefit Plan","reported_date":"2026-06-04","state":"CA","individuals_affected":677,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"d7b6367b-f98f-497b-a1c8-ea707bc0aed4","entity_name":"Oakwood Lutheran Senior Ministries, Inc.","reported_date":"2026-06-17","state":"WI","individuals_affected":1080,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"973f2e06-db97-4d44-8d74-d040524172e4","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API."},{"id":"f750d919-2240-46d3-bfc2-3d09c1dddcef","entity_name":"DentaQuest","reported_date":"2026-06-09","state":"MA","individuals_affected":3086,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"76e1b41d-2d1a-4fb6-993e-12f69c4262fd","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":55,"summary":"SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c."},{"id":"69777638-0bb6-420f-a760-cfdbe7e4e8bc","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mis-handles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly un-specified other impact."},{"id":"67a662e0-5e63-44dd-8d3e-0137f348084f","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via un-specified vectors."},{"id":"88cfa50b-c65b-4fe5-9d93-7863d1a2c035","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":78,"summary":"The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement."},{"id":"41aebd3f-d3aa-40f3-a8ab-3a783ef5699d","entity_name":"Gastro Health","reported_date":"2026-06-16","state":"FL","individuals_affected":1628,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"dcf40d2c-8f96-4d08-89e1-148bca642e1c","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":55,"summary":"In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation."},{"id":"afedd9d5-88ac-4d70-896c-cf4fefb7e46c","entity_name":"German university hospitals (via Unimed)","reported_date":"2026-05-24","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. German university hospitals experienced a large-scale patient data breach after hackers targeted Unimed, a third-party billing service provider used by medical centers."},{"id":"36ed465d-c51a-490e-bdc5-f267c91d829d","entity_name":"Nottingham Village","reported_date":"2026-06-16","state":"PA","individuals_affected":5240,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"d496192a-7f80-4b5d-8218-3d20c857381c","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":81,"summary":"SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan."},{"id":"a40c96c8-ee21-4bb0-b584-299a00579aff","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases)."},{"id":"92ae1f03-365a-4c35-9594-d954710adb1e","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":81,"summary":"SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a \"merge\" operation that occurs after crafted changes to FTS3 shadow tables, allow-ing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346."},{"id":"e2606a65-bb9a-45ae-815d-554d880a3bd3","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c."},{"id":"1f72fa98-734a-49db-929a-c22bf5aa7131","entity_name":"Unimed","reported_date":"2026-05-25","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hackers targeted Unimed, a third-party billing service provider for German university hospitals, stealing patient and billing data."},{"id":"8efd10ef-d2b9-4c51-ae74-eefd873a98b8","entity_name":"AUTOAPS LLC","reported_date":"2026-06-10","state":"CA","individuals_affected":1591,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"0ca92d6c-bad8-4c8c-8012-038c5e302324","entity_name":"Radiology Associates of Richmond","reported_date":"2026-05-26","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Radiology Associates of Richmond ("},{"id":"6f0c889b-44e6-4db5-87d9-f5007ae1df0b","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables."},{"id":"da17762a-dbd9-4e4b-bd00-eb79456cc46a","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled."},{"id":"6ac54045-5afd-40e3-84e4-c67d10a58783","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement."},{"id":"164b5514-5841-476e-9a48-e0782d4d4702","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":55,"summary":"SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c."},{"id":"85ac4555-50f2-4912-b95f-7920781e34f2","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":70,"summary":"ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature."},{"id":"42dfc860-d9ee-4258-ad50-b492d292369d","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":55,"summary":"There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue."},{"id":"5f50c01a-e223-445b-beeb-c7dcb502b68a","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":59,"summary":"There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue."},{"id":"4097bf3d-588b-40a7-9948-1183edd7b890","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":55,"summary":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements."},{"id":"e8d2d82e-e984-45f8-9161-3d51d18eba2f","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns."},{"id":"2c856b34-5785-47ec-b273-ad12630aad77","entity_name":"Acadia Healthcare Company, Inc","reported_date":"2026-06-10","state":"TN","individuals_affected":1807,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"544550b3-ee45-4f8d-b002-ab18253c5316","entity_name":"South Florida Injury Centers, Inc.","reported_date":"2026-06-23","state":"FL","individuals_affected":1525,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"b73b768e-3ea6-409a-8035-079812c2db24","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":37,"summary":"SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via a crafted application, aka internal bug 20099586."},{"id":"e491654d-ed1a-4e7c-9575-d2018898ae3e","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":73,"summary":"A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow."},{"id":"4233b481-458f-494f-8755-296134df45ba","entity_name":"Unimed (third-party billing service for German university hospitals)","reported_date":"2026-05-23","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. German university hospitals experienced a large-scale patient data breach due to hackers targeting Unimed, an external billing service provider used by medical centers."},{"id":"5e5b9229-c8f2-454e-81d1-c81969793e0d","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"An integer overflow vulnerability exists in SQLite's concat_ws() function that can lead to a massive heap buffer overflow. When triggered, the integer overflow results in a truncated size value being used for buffer allocation, while the original untruncated size is used for writing the resulting string, causing a heap buffer overflow of approximately 4GB."},{"id":"77d53a5d-f852-4568-965f-f0e037e4e1f4","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue."},{"id":"6f52df66-1b3e-479b-8374-27ca34cb58fd","entity_name":"Southern Illinois Ob-Gyn Associates, S.C.","reported_date":"2026-06-03","state":"IL","individuals_affected":38700,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"e667d6d4-4304-439c-9fb9-f149357707d4","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"3d3a7fc8-dc84-4353-b8fa-d971d163481e","entity_name":"Caller requesting patient info without verification","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Repeated calls from spoofed numbers targeting the billing department."},{"id":"9ce61435-c523-4df4-9b06-72ad45202aa9","entity_name":"Suspicious LinkedIn message from fake recruiter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"ac4ad44a-c23a-40cd-9e4c-acf8ff71ac6c","entity_name":"Ira L. Savetsky, MD PLLC","reported_date":"2026-06-16","state":"NY","individuals_affected":564,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"4d866b99-7db0-4d3c-995e-41866481c92b","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"c01a90ae-199b-4e3d-b3fa-a156ac0bae43","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"ac37d121-7688-4773-b080-50ced121ee15","entity_name":"ABB B&R Automation Runtime","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":61,"summary":"Reflected cross-site scripting (XSS) vulnerabilities exist in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session"},{"id":"2c94d701-2cd0-4ef2-a287-a9314aa32de8","entity_name":"ABB B&R Automation Runtime","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":42,"summary":"A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions."},{"id":"73fe309d-de4c-4ec8-8695-f43bed0bc444","entity_name":"ABB B&R Automation Studio","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that replaces an outdated third-party component. Although no successful exploitation was observed during testing of the affected B&R products, the identified vulnerabilities could present potential attack vectors that might enable unauthorized access, data exposure, or remote code execution."},{"id":"7848dcd2-72ac-4b8f-9951-f77a04952cde","entity_name":"ABB Terra AC Wallbox","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":61,"summary":"ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of heap memory which potentially takes remote control of the product and performs a write operation to the flash memory to alter the firmware behavior."},{"id":"21fc974b-cdbe-4919-b7b7-fb88836b415c","entity_name":"Coastal Carolina Centers of Urology and Surgery, LLC","reported_date":"2026-06-16","state":"SC","individuals_affected":2886,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"dfc9d7c7-5739-4654-859d-46c57bf5621e","entity_name":"Defense Health Agency (TriWest)","reported_date":"2026-06-09","state":"VA","individuals_affected":11848,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"404ba08c-af54-459d-8f30-c230b2a72ddf","entity_name":"ABB B&R Automation Runtime","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":61,"summary":"An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 enabling a remote attacker to inject formula data into a generated CSV file. The exploitation of this vulnerability requires the attack-er to create a malicious link. The user would need to click on this link, after which the resulting CSV file additionally needs to be manually opened."},{"id":"fee13ae0-2514-4d1f-8563-22a663d39b80","entity_name":"ABB B&R Automation Runtime","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":61,"summary":"An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could take over a remote session or execute code in the context of the user’s browser session."},{"id":"71b69113-f507-4ad2-b669-56c539e845ec","entity_name":"Connecticut Department of Social Services","reported_date":"2026-06-09","state":"CT","individuals_affected":22500,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"452f2338-d2d2-4724-8212-4fa770271f7a","entity_name":"Regence","reported_date":"2026-06-16","state":"OR","individuals_affected":2856,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"c860ef21-dc08-49b9-beff-46882712bdfd","entity_name":"Radiology Associates of Richmond","reported_date":"2026-06-09","state":"VA","individuals_affected":266183,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"53959072-a2ff-44ab-80ff-b7e4a684a2dc","entity_name":"After-hours login attempt detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"4cc6f35e-5fa8-46b4-a8bd-d1bad7ae391c","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"6d012997-549a-47d6-8192-5d0373ec8b0c","entity_name":"CareFirst BlueCross BlueShield","reported_date":null,"state":"IN","individuals_affected":1100000,"source_type":"state_ag","severity_score":95,"summary":"Cyberattack allowed unauthorized access to a database. No evidence that data was removed."},{"id":"c71835be-6b21-40dc-8eb4-5d62a813db5d","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Repeated login attempts from an IP address not associated with any known employee."},{"id":"d9c30753-57c1-4a80-96a4-47a7a48e8cfd","entity_name":"Southwest Behavioral Health Services.org","reported_date":"2026-06-17","state":"AZ","individuals_affected":2316,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"1fa74762-bc1d-42cd-ac4d-4d09ed3fa944","entity_name":"Wellpoint Washington, Inc.","reported_date":"2026-06-04","state":"IN","individuals_affected":12020,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"96245104-08ed-4ec7-92da-2da47b81b022","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"05f5c23d-dd5d-4367-9bf8-d3c7c06d3519","entity_name":"Southern California University of Health Sciences","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"This is a healthcare-related data breach. It affected a health education entity."},{"id":"b180aa6f-a337-4d2f-948f-29b15c1f2ec2","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"89213398-8fb9-46cc-8a6a-e32eec08fb46","entity_name":"Singing River Health System","reported_date":"2026-06-02","state":"MS","individuals_affected":53888,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"2936e44b-79ad-46ea-9cbd-05d1ddbe3126","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"24f6cb55-886d-4e28-b1ef-cf5201a4e28a","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"edccae96-07df-421a-b4fc-edd3f8cc1b0d","entity_name":"Kieback & Peter DDC Building Controllers","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":53,"summary":"Successful exploitation of this vulnerability could allow an attacker to take control of the victim's browser."},{"id":"5903d8b8-9ffa-41ff-8b83-55bf2558a19d","entity_name":"Eyemart Express, LLC","reported_date":"2026-06-22","state":"TX","individuals_affected":25000,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"75ac5a4b-8b54-4aea-aee7-a7047c0eea67","entity_name":"RXNT (congressional medical contractor)","reported_date":"2026-05-24","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hackers breached RXNT, a healthcare software company used by the Office of the Attending Physician (OAP) to manage prescription services for Congress, obtaining copies of patient data."},{"id":"aa21bc30-fa96-445e-858e-e19d131694bb","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"0d2c17bb-bf15-43cc-a90c-9dd9e0210f12","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"ae73d73f-f3e7-45d3-8ae5-6cac09d7ec23","entity_name":"Greenbaum Rowe Smith & Davis LLP","reported_date":"2026-06-10","state":"NJ","individuals_affected":12801,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"8c0947fe-0adc-4a13-a918-2e124c54bcf0","entity_name":"RXNT","reported_date":"2026-05-19","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hackers breached RXNT, a healthcare software company used by the Office of the Attending Physician (OAP) for prescription services for Congress, on March 1 and March 3, obtaining copies of patient data."},{"id":"9133138a-8a04-4fc3-8eec-48a39d315c8d","entity_name":"Jefferson Health Plans","reported_date":"2026-06-10","state":"PA","individuals_affected":1855,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"92f3bd87-3ee9-4a56-8c4a-15e28365a360","entity_name":"Professional Finance Company, Inc.","reported_date":null,"state":"WI","individuals_affected":650000,"source_type":"state_ag","severity_score":95,"summary":"Professional Finance Company, Inc. (PFC) experienced a ransomware attack that impacted systems containing personal information. PFC is a third-party collection agency that works with various healthcare providers."},{"id":"43c165f5-6d5f-4758-9a34-27e8a47e7031","entity_name":"Community Connections","reported_date":"2026-06-03","state":"DC","individuals_affected":18943,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"de712a63-fca5-4d30-95ff-7ece4fc87b21","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Removable media detected in a secure workstation without encryption."},{"id":"b9d838bb-fe19-4d8d-b76b-fe4ba5d26363","entity_name":"Fake invoice attachment from unknown sender","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"d0c1dd05-2346-476b-a47e-7b4535afc270","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"c6eb5f77-72db-4caf-82a3-cbc6123e41bd","entity_name":"Screen left unlocked in patient area","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Removable media detected in a secure workstation without encryption."},{"id":"ab758499-a484-45fe-9fe6-55230a7e26fb","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"011278f2-a570-4bf2-967c-f719c156f445","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"998fb0fe-7535-4ae2-9a68-f1c6bd3e79d9","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"aab964a5-9557-4799-b03b-405fc9c387dd","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"c184390a-51e3-4fde-baf6-1f8297046807","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Caller used knowledge of internal procedures to attempt identity verification bypass."},{"id":"f60e7743-8626-4a2c-a759-9d2751d69c7b","entity_name":"Garrisonville Dental L.L.C","reported_date":"2026-06-04","state":"VA","individuals_affected":5204,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"0ad9b7d9-9dc4-4d35-9866-bce3b46382f8","entity_name":"Centers for Dialysis Care","reported_date":"2026-07-05","state":"OH","individuals_affected":8000,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"95722430-c852-4853-a73e-067b8f6d7d59","entity_name":"Merseyside hospital group","reported_date":"2026-05-16","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Nearly 50 staff at a Merseyside hospital group inappropriately accessed details of individuals attacked in Southport. Victims were informed about the data breach through investigative journalism."},{"id":"b1a605df-4531-4f3b-a2cc-7241ccf10d3c","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"d78e8e08-db5b-4216-a034-e53c3df82e60","entity_name":"The Phia Group, LLC","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"This is a healthcare-related data breach related to a health insurance service provider. The breach date is from 2024, but the notification date '05/15/2026' is recent."},{"id":"f5c75a23-f32e-4283-8067-bc4d88e5a60f","entity_name":"Sanford Health","reported_date":null,"state":"ND","individuals_affected":250000,"source_type":"state_ag","severity_score":85,"summary":"Sanford Health disclosed a data breach resulting from a ransomware attack on its network. The attack encrypted critical systems and led to the exfiltration of patient data."},{"id":"60ea5b79-73c3-4c18-b7cd-b97b614af877","entity_name":"Vermont Health Network","reported_date":null,"state":"VT","individuals_affected":9000,"source_type":"state_ag","severity_score":50,"summary":"Cloud storage misconfiguration led to the exposure of patient billing statements."},{"id":"53a15c66-7b67-4b49-9418-f891951dd3d1","entity_name":"Liberty Solutions, Inc.","reported_date":"2026-06-10","state":"NY","individuals_affected":7329,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"8caca444-f637-449e-b10e-de6f850548a1","entity_name":"Lumexa Imaging","reported_date":"2026-05-29","state":"NC","individuals_affected":2994,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"35d602d6-16cb-41b4-9e5f-dc18f7b83898","entity_name":"Drs. Abdelbaky, Boes, Cameron & Associates of Wake Forest, PLLC","reported_date":"2026-06-04","state":"NC","individuals_affected":908,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"6ef3576d-fa86-4da5-8d28-8db4b82ab25b","entity_name":"Drs. Abdelbaky, Boes, Cameron & Associates of Cary Park, PLLC","reported_date":"2026-06-04","state":"NC","individuals_affected":547,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"1d0ff09b-0a6d-4e04-888c-a724b50dc6fe","entity_name":"Stafford Oral Surgery P.C.","reported_date":"2026-06-04","state":"VA","individuals_affected":7019,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"b2264373-ec9d-4ce0-8662-d07874c6e662","entity_name":"Hamilton County Government","reported_date":"2026-05-20","state":"TN","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"1e291c82-8e21-4e82-b7b2-ffb3de70b964","entity_name":"NJ Pain Care Specialists, LLC","reported_date":"2026-06-02","state":"NJ","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"f7cc2a03-cc94-41ad-8c31-55140abb99ba","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"7f283323-086e-4d68-828d-124bdab61fc6","entity_name":"Siemens SIMATIC","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":96,"summary":"SIMATIC CN 4100 contains multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version."},{"id":"03c1d205-460b-4965-a110-3aa195d312cb","entity_name":"Cisco Catalyst SD-WAN - Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system."},{"id":"24476b76-99f3-48b8-9a09-12e15ca03a5a","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"befe2b9b-58da-4392-a7a8-e50d34952726","entity_name":"Bridle Trails Family Dentistry","reported_date":"2026-06-02","state":"WA","individuals_affected":20976,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"f11b825b-989d-4552-b1d7-7121214d70ce","entity_name":"Siemens gWAP","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":80,"summary":"Siemens gPROMS Web Applications Publisher (gWAP) is affected by a remote code execution vulnerability introduced through a third-party component, namely the Axios HTTP client library. The vulnerability stems from a specific \"Gadget\" attack chain that allows prototype pollution in other third-party libraries, potentially allowing an attacker to execute arbitrary code. Siemens has released a new version for gWAP and recommends to update to the latest version."},{"id":"e72c47a2-2497-43df-a1ea-f86092e9085c","entity_name":"Siemens Siemens ROS#","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":91,"summary":"ROS# contains a ROS service file_server, that before version 2.2.2 contains a path traversal vulnerability which could allow an attacker to access, i.e. read and write, arbitrary files, which are accessible with the user rights of the user that runs the service, on the system that hosts service. Siemens has released a new version for ROS# and recommends to update to the latest version."},{"id":"a0e40e91-7073-4571-a15a-927a8e368266","entity_name":"Nursa","reported_date":null,"state":"WA","individuals_affected":13168,"source_type":"state_ag","severity_score":70,"summary":"The data breach occurred on 2026-02-27."},{"id":"3895f615-5786-4532-bf91-6d758669137f","entity_name":"American Lending Center","reported_date":null,"state":"WA","individuals_affected":6049,"source_type":"state_ag","severity_score":50,"summary":"The data breach occurred on 2025-07-24."},{"id":"2263e1c9-b478-4060-bd00-fe0c70dc2a48","entity_name":"Trinity Health","reported_date":"2026-06-10","state":"MI","individuals_affected":5905,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"227dc7e6-83fb-4fcb-92a2-97f071e106a3","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Caller attempted to obtain patient information without proper verification."},{"id":"6e5b0405-70b4-43c2-9dc4-452207445074","entity_name":"Pivot Health","reported_date":"2026-06-10","state":"FL","individuals_affected":5864,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"3caf34e9-472d-4677-8a0d-fbba4c433109","entity_name":"OpenLoop","reported_date":"2026-05-14","state":null,"individuals_affected":716000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The telehealth platform OpenLoop was hacked in January, resulting in the exfiltration of personal information of 716,000 users."},{"id":"6731ae62-f01b-4501-b4bb-39986bdade49","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Rogue wireless access point discovered broadcasting near the facility."},{"id":"2c758c83-4128-4451-9662-3d1a8d90bd8f","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"40ab3659-54f7-4942-a24a-2d280da81c9d","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"21c2fdd2-936b-4ffd-9359-82f518e88fac","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"ef139ac6-9e59-4ee7-8df8-fa324cbe5cde","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"44801b9b-b14b-4678-a8f7-3f41fd13570d","entity_name":"Elara Caring","reported_date":"2026-05-29","state":"TX","individuals_affected":10490,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"2a3e5ab3-205e-4c07-aad0-47269f500a43","entity_name":"Family Health Centers of San Diego","reported_date":"2026-05-20","state":"CA","individuals_affected":523,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"df9beade-5353-42d6-bba5-0a25b1ddc48d","entity_name":"ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"ABB became aware of multiple internally discovered vulnerabilities in the WebPro SNMP card PowerValue for the product versions listed as affected in the advisory. Depending upon the vulnerability, an attacker with access to local network who successfully exploited this vulnerability could have - Unauthorized access - Insufficient Session Expiration leading to resource unavailability - Uncontrolled Resource Consumption leading to DOS attack ABB strongly advises customers to update the latest firmware of affected products."},{"id":"f8bde050-e550-424f-8386-45689cc0d065","entity_name":"Ocelot Ventures, LLC dba Excelas","reported_date":"2026-06-10","state":"OH","individuals_affected":2275,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"e51db2ef-6332-4470-b443-00a73d2d798a","entity_name":"Spoofed email requesting password reset","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Message attempted to harvest credentials by impersonating the IT department."},{"id":"14c28352-b420-42e3-8aa1-7caf355b9d90","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"050e4f5b-7eec-4b3d-b86f-b7b1aab366f2","entity_name":"Family Health Centers of San Diego","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"3342dfe2-9e2e-4999-b01d-5e6f08e25d7e","entity_name":"Tulane University","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"d54d508a-af70-467e-a1bd-56146a094579","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"6df35071-f287-4252-b763-e8bbb79b406e","entity_name":"Screen left unlocked in patient area","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Removable media detected in a secure workstation without encryption."},{"id":"f732a488-10bb-41cd-b636-a5d40809b4ff","entity_name":"Adams County Memorial Hospital","reported_date":"2026-06-02","state":"IN","individuals_affected":5305,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"445e4be7-668b-445c-9054-f8c0dc3a7b95","entity_name":"Saurabh N. Patel, M.D – Florida Retina Center","reported_date":"2026-06-16","state":"LA","individuals_affected":13652,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"48f8ebff-63d5-4be8-90ef-f161f7a9d235","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"a7a6a051-be69-40d6-a9c8-588a271edf04","entity_name":"CareFirst BlueCross BlueShield","reported_date":null,"state":"MD","individuals_affected":1100000,"source_type":"state_ag","severity_score":95,"summary":"A cyberattack on CareFirst BlueCross BlueShield's claims processing system exposed member data, including names, dates of birth, and subscriber identification numbers, affecting approximately 1.1 million individuals."},{"id":"a219ae4b-8573-4e0d-a89b-9621cf426378","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"f6d88bee-2fe0-4c26-9065-7f54601b15a2","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"be806ce2-1a95-4c00-b43b-b3d92fd04328","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"dda9cf2d-bbc3-4189-b92d-6773f4ccdf6d","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"756ef712-f5ee-4907-be03-2566195614d2","entity_name":"Managed Health Services of Wisconsin","reported_date":null,"state":"WI","individuals_affected":339272,"source_type":"state_ag","severity_score":85,"summary":"Managed Health Services of Wisconsin was impacted by the large-scale MOVEit Transfer cyberattack, which exploited a vulnerability in the software. This breach exposed the protected health information of MHS members."},{"id":"1edf1b20-1df0-4614-8136-83666e6ae7d2","entity_name":"Quartz Health Solutions, Inc.","reported_date":null,"state":"WI","individuals_affected":396000,"source_type":"state_ag","severity_score":85,"summary":"Quartz Health Solutions, Inc. was impacted by the large-scale MOVEit Transfer cyberattack, which exploited a vulnerability in the software. This breach exposed the protected health information of Quartz members."},{"id":"12b5d126-d7a3-43c2-aef1-da1132f1d4ff","entity_name":"Bronsky Orthodontics","reported_date":"2026-06-02","state":"NY","individuals_affected":3183,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"e9b49541-1106-4f7e-b3b7-07b0b46b1697","entity_name":"ViaQuest Psychiatric & Behavioral Solutions, LLC","reported_date":"2026-06-01","state":"OH","individuals_affected":6420,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"eb50cea5-b391-4155-a62f-c7d6ef49b5f7","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"8c8e8b9e-f0d5-4417-83a8-d5528cd38001","entity_name":"Anthem (now Elevance Health)","reported_date":null,"state":"WI","individuals_affected":78800000,"source_type":"state_ag","severity_score":95,"summary":"This is a follow-up notification regarding the 2015 cyberattack that exposed the personal information of nearly 79 million Americans. Multiple state attorneys general reached a settlement with Anthem, requiring them to improve their data security and pay $48.2 million. Wisconsin received $994,763.48 from the settlement."},{"id":"f16f2494-4ae6-42fe-b32c-b11e605a0dc8","entity_name":"Palomar Health Medical Group","reported_date":"2026-05-20","state":"CA","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"a53721a7-5027-4076-bad2-5ad707b8d7a4","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"f761bd97-3943-4b8b-aaea-0c1779b671c4","entity_name":"Caller requesting patient info without verification","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"f8701060-1ad4-48f4-bb41-6012db93aef8","entity_name":"Verber Dental Group PC","reported_date":"2026-06-02","state":"NY","individuals_affected":8598,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"76f7f685-5068-43f6-8778-016e0c142c44","entity_name":"World Trade Center Health Program","reported_date":"2026-05-19","state":"DC","individuals_affected":1071,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"019e0545-bbdd-4ea4-bfd1-6fc3083d7025","entity_name":"Sanger Skilled Care, LLC dba Cornerstone Care Center","reported_date":"2026-06-01","state":"CA","individuals_affected":1510,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"5efecc67-f0fd-4022-9e95-be445ce2b904","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"59670b1b-96c1-480f-b33d-a73df78b8437","entity_name":"Caller impersonating IT support","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Individual attempted to gain physical access to restricted area using false pretenses."},{"id":"70deb141-c48c-4838-9e5d-46d4698753b4","entity_name":"Suspicious LinkedIn message from fake recruiter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"f43e4528-9c3a-4913-aa49-180852946a77","entity_name":"Access attempt from retired employee credentials","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"d0408cb7-59f5-43d8-85f1-228bdacaf2f9","entity_name":"Sanger Skilled Care, LLC dba Cornerstone Care Center","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown."},{"id":"b330666b-9118-47a5-bcfc-e1d1a6f87929","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"216f4286-b292-46a1-8b67-e25b2ac1973a","entity_name":"Ivanti Endpoint Manager Mobile (EPMM) - Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution."},{"id":"df466a73-6b15-4e61-8c5c-1c083e49fb45","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Access pattern suggests automated credential stuffing."},{"id":"3ba025ab-311a-4df8-a3a8-54369a84db2e","entity_name":"Palo Alto Networks PAN-OS - Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets."},{"id":"83322a32-cbe0-4b96-9b0b-e6db7c204648","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"User account credentials were shared via unencrypted email."},{"id":"779bc3dd-117b-4d5c-bc2e-17de6c2cb7db","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"7aa2a6fd-30b0-42ba-852f-bc75b5e25866","entity_name":"Passaic County, New Jersey","reported_date":"2026-06-22","state":"NJ","individuals_affected":1109,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"af48e60a-a97a-4532-a497-f66c1383c5b2","entity_name":"Aroostook Mental Health Center","reported_date":"2026-05-19","state":"ME","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"dc514b10-963a-45ba-b3bb-7e2d8c65461c","entity_name":"Unregistered tablet accessing EHR system","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"79f46331-5230-40a0-b47b-a2258a74ea45","entity_name":"Johnson Controls CEM AC2000","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":87,"summary":"Successful exploitation of this vulnerability could allow a standard user to escalate privileges on the host machine."},{"id":"e05e845f-6f4b-4901-8508-3a5c90c6e487","entity_name":"Centers for Medicare and Medicaid Services (CMS)","reported_date":"2026-05-06","state":"TX","individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The Trump administration inadvertently exposed the Social Security numbers of health care providers in a database powering a new Medicare portal."},{"id":"709aff59-cb00-48b2-8c63-54f4a74357af","entity_name":"DATCP Home","reported_date":null,"state":"WI","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"The provided text doesn't contain enough information to generate a breach notification for DATCP Home. There are no details about specific breaches, affected individuals, or data types exposed within the given context. It's an HTML header, not a breach notification."},{"id":"dfd1c8b0-826a-47af-ad0a-22ab7d6263ea","entity_name":"Centers for Medicare and Medicaid Services (CMS)","reported_date":"2026-05-05","state":"US","individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The Centers for Medicare and Medicaid Services (CMS) inadvertently exposed the Social Security numbers of health care providers in a database powering a new Medicare portal."},{"id":"a0b063a6-b4b0-48ab-8a57-d3940e1df018","entity_name":"After-hours login attempt detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Access pattern suggests automated credential stuffing."},{"id":"6dc404c4-d2fd-41bf-b1b9-ed8895353e53","entity_name":"Personal hotspot creating network conflict","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"886a9e14-4785-4cd7-9de7-81c42178e9ff","entity_name":"BAYADA Home Health Care, Inc.","reported_date":"2026-06-01","state":"NJ","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"5b2ee5a4-4537-4a16-ba6e-62ec90643c24","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"f527453b-f8be-427c-b4eb-bc078bdf05f7","entity_name":"IKRON Corporation","reported_date":"2026-06-02","state":"OH","individuals_affected":11845,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"1019137c-4865-42b8-b206-f5b54a17b887","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"e5c4afea-45c0-4cc3-96aa-614d1de6e9d8","entity_name":"Centers for Medicare and Medicaid Services (CMS)","reported_date":"2026-05-07","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The Trump administration inadvertently exposed the Social Security numbers of health care providers in a database powering a new Medicare portal."},{"id":"1be6ddb5-85f2-43bf-937f-291fc925a0ba","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"5049705c-18d6-4750-8541-379588522524","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"864cffe7-24a6-4a52-a1ae-5618e2f7cbdb","entity_name":"Access attempt from retired employee credentials","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Access pattern suggests automated credential stuffing."},{"id":"d9a68359-f9cf-4348-9331-4eff036b76c5","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"e34ea8f4-fc7f-4946-ba0c-16470b070435","entity_name":"Unknown device detected on clinic WiFi","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"28427cc7-431d-4a1b-8239-0caa3af36d0f","entity_name":"University of Michigan/Michigan Medicine","reported_date":"2026-05-08","state":"MI","individuals_affected":551,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"aa84fae3-992f-413a-9db5-b869aeaec90f","entity_name":"CUNNINGHAM PROSTHETIC CARE LLC","reported_date":"2026-05-13","state":"ME","individuals_affected":2523,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"e3cdd7f1-ec70-47bb-b139-11b28e660f96","entity_name":"Integrated Pain Associates","reported_date":"2026-05-13","state":"TX","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"946d17e2-166a-47a9-ae23-8708672d6750","entity_name":"NCH Corporation Employee Benefits Plan","reported_date":"2026-05-21","state":"TX","individuals_affected":4055,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"3bd22baf-26f4-482d-a22a-12903251e461","entity_name":"Capitol Pain Institute","reported_date":"2026-05-13","state":"CO","individuals_affected":695,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"cbf85eb2-627f-4bf5-b27c-b39b6ebc06a6","entity_name":"Anthem","reported_date":null,"state":"IN","individuals_affected":78800000,"source_type":"state_ag","severity_score":95,"summary":"Large healthcare insurance provider, Anthem, experienced a breach of its database, resulting in the exposure of personal information belonging to millions of current and former members. The exposed data includes names, dates of birth, medical IDs, social security numbers, street addresses, email addresses, and employment information."},{"id":"5f5b15a9-a50f-445e-ab26-49e6e238f57c","entity_name":"Western Orthopaedics, P.C.","reported_date":"2026-05-13","state":"CO","individuals_affected":113330,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"8691f0e4-6ec1-4d93-ac62-7fdecdf5bc65","entity_name":"Health Data Management","reported_date":null,"state":"IN","individuals_affected":1000,"source_type":"state_ag","severity_score":30,"summary":"This breach affected healthcare data."},{"id":"58122714-08b9-4e2b-9ebb-0dd63375312d","entity_name":"New Hampshire Pharmacy Solutions","reported_date":null,"state":"NH","individuals_affected":6000,"source_type":"state_ag","severity_score":50,"summary":"Pharmacy system breach exposed prescription information."},{"id":"d93f14f4-7f5e-4441-b3f3-14969b4989bf","entity_name":"Nebraska Medicine","reported_date":null,"state":"NE","individuals_affected":45000,"source_type":"state_ag","severity_score":70,"summary":"Nebraska Medicine experienced a privacy incident involving the accidental exposure of patient discharge summaries on a publicly accessible server. The error was promptly corrected."},{"id":"8734e1bd-c55d-46f7-9733-8f93f5076979","entity_name":"Delta Dental","reported_date":"2026-05-02","state":null,"individuals_affected":7000000,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Delta Dental suffered a data breach involving MOVEit software, exposing patient data after a zero-day vulnerability was exploited by Clop. More than 7 million patients were reportedly affected."},{"id":"0fcf73d8-1925-4ee3-a0ff-dfc9050c8155","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"8f0c8601-e64a-48a1-8d60-0ab411544896","entity_name":"HealthTech Innovations","reported_date":null,"state":"IN","individuals_affected":200000,"source_type":"state_ag","severity_score":85,"summary":"HealthTech Innovations experienced a data breach affecting user names, email addresses, and encrypted health metric data."},{"id":"eda9028a-21f0-4798-88eb-e9d1e810296f","entity_name":"Sierra Nevada Health Plan","reported_date":null,"state":"NV","individuals_affected":250000,"source_type":"state_ag","severity_score":85,"summary":"Cyberattack on insurer's systems resulted in exposure of member data."},{"id":"ebac51f7-d13a-46df-ba31-0ad73b77c431","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"1f8547eb-6c64-4df7-bdb6-e6788edda91f","entity_name":"Indiana Medicaid","reported_date":null,"state":"IN","individuals_affected":75000,"source_type":"state_ag","severity_score":70,"summary":"Phishing attack compromising employee email accounts, potentially exposing names, dates of birth, addresses, Medicaid ID numbers, and medical service information of certain recipients."},{"id":"893e9893-1acf-4df9-80e3-0d8f8f3998c8","entity_name":"Fake invoice attachment from unknown sender","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"edcc8c8b-f56e-4a0c-81a0-74b89ac9a305","entity_name":"Spoofed email requesting password reset","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"a76e0ec5-dc62-4a8d-ae41-337dcd3e5484","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"409a1f27-8ce5-4ed0-a3bd-137e250f6a77","entity_name":"ABB PCM600","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":44,"summary":"Successful exploitation of this vulnerability could allow an attacker to send specially crafted messages to the system node resulting in execution of arbitrary code."},{"id":"0a7f5489-1f8c-473a-9daa-84d82d7550f9","entity_name":"Sandhills Medical","reported_date":"2026-05-01","state":null,"individuals_affected":170000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Sandhills Medical disclosed a ransomware breach affecting an estimated 170,000 individuals, nearly one year after the incident occurred."},{"id":"e75a2c81-a2b4-49d6-bbea-5ed2f5f38cca","entity_name":"Ouster, Inc.","reported_date":"2026-05-08","state":"CA","individuals_affected":574,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"0383aa4b-8c5a-467e-9aea-376d4ca154d8","entity_name":"ABB Ability OPTIMAX","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":81,"summary":"Successful exploitation of this vulnerability could allow an attacker to bypass user authentication on OPTIMAX installations that make use of the Azure Active Directory Single-Sign On integration. The following versions of ABB Ability OPTIMAX are affected: ABB Ability OPTIMAX 6.1 vers:all/*, ABB Ability OPTIMAX 6.2 vers:all/*, ABB Ability OPTIMAX 6.3 <6.3.1-251120, ABB Ability OPTIMAX 6.4 <6.4.1-251120."},{"id":"5c1845ab-ba4c-43da-a97e-1e33402699e4","entity_name":"ABB Edgenius Management Portal","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":96,"summary":"Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the system node allowing the attacker to install and run arbitrary code, uninstall applications, and modify the configuration of installed applications. The following versions of ABB Edgenius Management Portal are affected: Edgenius Management Portal 3.2.0.0|3.2.1.1."},{"id":"b495fa62-3134-4ff2-a987-9d06935c3e86","entity_name":"ABB AWIN Gateways","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":83,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to remotely reboot the device or complete an unauthenticated query to reveal system configuration, including sensitive details."},{"id":"de342c1b-f948-46ed-8a2b-0ddb37fae668","entity_name":"Suspicious LinkedIn message from fake recruiter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Individual attempted to gain physical access to restricted area using false pretenses."},{"id":"36f4a0ca-c59d-4f08-8b03-4c9d5a1e1b18","entity_name":"ABB Ability OPTIMAX","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":81,"summary":"Successful exploitation of this vulnerability could allow an attacker to bypass user authentication on OPTIMAX installations that make use of the Azure Active Directory Single-Sign On integration."},{"id":"2ea66de4-8e89-4f46-9067-03ea783d5179","entity_name":"ABB Edgenius Management Portal","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":96,"summary":"Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the system node allowing the attacker to install and run arbitrary code, uninstall applications, and modify the configuration of installed applications."},{"id":"ebaef53d-57f1-457c-90c3-9b17667dabfb","entity_name":"Mt. Spokane Pediatrics","reported_date":null,"state":"WA","individuals_affected":29410,"source_type":"state_ag","severity_score":70,"summary":"Breach at Mt. Spokane Pediatrics"},{"id":"56fce56d-2f30-425e-a459-225cef9006e2","entity_name":"ABB AWIN Gateways","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":83,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to remotely reboot the device or complete an unauthenticated query to reveal system configuration, including sensitive details. The following versions of ABB AWIN Gateways are affected: ABB AWIN Firmware (2.0-0) installed on ABB AWIN GW100 rev.2 2.0-0; ABB AWIN Firmware (2.0-1) installed on ABB AWIN GW100 rev.2 2.0-1; ABB AWIN Firmware (1.2-0) installed on ABB AWIN GW120 1.2-0; ABB AWIN Firmware (1.2-1) installed on ABB AWIN GW120 1.2-1."},{"id":"e7e9424b-58e4-4a0d-85b4-9b5606efc16a","entity_name":"Totem Lake Family Dentistry","reported_date":"2026-05-15","state":"WA","individuals_affected":3464,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"955b5be7-76c2-49a9-a921-6bb65beefc9d","entity_name":"ABB System 800xA, Symphony Plus IEC 61850","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":65,"summary":"This vulnerability was privately reported relating to ABB’s implementation of the IEC 61850 communication stack for MMS client applications used in some Automation control system products. Note: IEC 61850 communication typically supports MMS and GOOSE protocols. Some ABB products support both, others only MMS (e.g. S+ Operations and PM 877). In any case, GOOSE communication is not impacted by this reported vulnerability. If an attacker gains access to a site’s IEC 61850 network, then exploiting this vulnerability will result in a device fault (PM 877, CI850 and CI868 modules) and will require a manual restart. If this attack is directed at a S+ Operations node running IEC 61850 connectivity, this will result in a crash in the IEC 61850 communication driver which, if continued a repeating basis, will also result in a denial-of-service situation. Note that this does not have an impact on the overall availability and functionality of the S+ Operations node, only the IEC 61850 communication function. The System 800xA IEC61850 Connect is not affected."},{"id":"10b6cb82-953c-445b-b54e-0cfe93789c69","entity_name":"ABB PCM600","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":44,"summary":"Successful exploitation of this vulnerability could allow an attacker to send specially crafted messages to the system node resulting in execution of arbitrary code. The following versions of ABB PCM600 are affected: PCM600 >=1.5|<=2.13."},{"id":"e6bd00d4-ca18-4053-a291-ac436f4d579d","entity_name":"Mt. Spokane Pediatrics","reported_date":"2026-05-08","state":"WA","individuals_affected":32021,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"e68a9d62-293c-4fdb-9fb2-69710a559803","entity_name":"Northwoods Surgery Center","reported_date":"2026-05-08","state":"MN","individuals_affected":5385,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"420bcdba-d63b-40d6-9a2e-a56b81e1dcb8","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"154fbe31-f42e-442b-8b5c-ef4c938480cf","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"4f03b815-a083-40ee-817c-c75e8d91d371","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"4d40ed7c-e7d9-40b1-b0dc-8e2b55c6fae9","entity_name":"Sandhills Medical Foundation","reported_date":"2026-04-30","state":"SC","individuals_affected":169017,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Sandhills Medical Foundation in South Carolina notified the Maine Attorney General's Office of a cyberattack that affected a total of 169,017 people."},{"id":"721394e9-353c-4091-bb69-a6eccd5b3460","entity_name":"Tri-Cities Gastroenterology","reported_date":"2026-05-08","state":"TN","individuals_affected":67115,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"e80a444f-0e08-4a05-b750-e7c407176eb4","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"e0997fc5-ebf8-42c7-aa7c-0311f1eec20c","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"73eafc9f-ad40-4b50-89df-448c3267a67e","entity_name":"FMRS Health Systems, Inc.","reported_date":"2026-05-13","state":"WV","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"46a802f2-3f7f-44af-b1c3-b6ad1b8ad5b9","entity_name":"Unknown device detected on clinic WiFi","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"An unregistered device was detected attempting to connect to the secure network."},{"id":"10914a76-3050-4281-9d42-eea6af65e8e5","entity_name":"Unknown device detected on clinic WiFi","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"bd85f9f7-82e8-445a-a284-da510884cf84","entity_name":"NSA GRASSMARLIN","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":55,"summary":"Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information.A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to trigger improper handling of XML input, which may result in unintended exposure of sensitive information. The flaw stems from insufficient hardening of the XML parsing process."},{"id":"2a281a76-8e90-426e-b4de-f896cc5be485","entity_name":"L.A. Care Health Plan","reported_date":null,"state":"CA","individuals_affected":2000000,"source_type":"state_ag","severity_score":95,"summary":"This breach notification is for L.A. Care Health Plan, a healthcare entity."},{"id":"a3cc09a1-8bea-42fd-8446-0e31b86c1a4c","entity_name":"Medtronic","reported_date":"2026-04-28","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Medical device giant Medtronic disclosed that hackers breached its network and accessed data in \"certain corporate IT systems.\""},{"id":"e1a15ae0-547a-4d64-bb3d-97d830d86909","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"53b0bcc8-afda-4509-8942-f09e580b5847","entity_name":"C2N Diagnostics, LLC","reported_date":"2026-06-01","state":"MO","individuals_affected":2027,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"b6e6cd61-d258-4409-a0f0-d4c7dfc0d407","entity_name":"Fake invoice attachment from unknown sender","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Email contained a malicious link disguised as an invoice from a known vendor."},{"id":"7f08e3f9-16bd-43f2-ba54-ab179e5a6cd8","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Repeated calls from spoofed numbers targeting the billing department."},{"id":"69f531ac-0aad-4707-8d1a-ff3fb1c7b1a2","entity_name":"WellDyneRx","reported_date":null,"state":"WI","individuals_affected":308000,"source_type":"state_ag","severity_score":85,"summary":"Unauthorized access to WellDyneRx systems between October 6, 2025, and October 26, 2025, during which data may have been acquired."},{"id":"948c1cb5-df1a-4165-bce7-d77c18357c75","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"abf1c2b4-5c70-4c8d-881a-2cf8f807898b","entity_name":"Suspicious LinkedIn message from fake recruiter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"a5f202c8-b2aa-4d7b-a91f-b362a5c8a8a6","entity_name":"Anthem (CivicHealth)","reported_date":null,"state":"WI","individuals_affected":24000,"source_type":"state_ag","severity_score":70,"summary":"Impacted individuals were incorrectly enrolled in Affordable Care Act (ACA) health plans."},{"id":"0af81db9-da9d-4a2e-988e-756d129017d5","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Access pattern suggests automated credential stuffing."},{"id":"ecc72bbc-917a-4c6c-abc5-282ec116f149","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"82a2d966-672e-497a-afd4-c0fd71a98157","entity_name":"SSM Health","reported_date":null,"state":"MO","individuals_affected":60000,"source_type":"state_ag","severity_score":70,"summary":"SSM Health reported a data security incident involving an unauthorized party gaining access to some employee email accounts via credential stuffing. The email accounts contained protected health information."},{"id":"d53655a9-6c84-4827-8440-124dddd5051f","entity_name":"Fake invoice attachment from unknown sender","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"01a186fa-8cea-46b9-a73c-8612add0de21","entity_name":"Vermont Public Health Department","reported_date":null,"state":"VT","individuals_affected":5000,"source_type":"state_ag","severity_score":50,"summary":"An accidental disclosure of vaccination records occurred due to an error in a public data portal."},{"id":"e7758d79-a364-4608-b69b-e32dffccd436","entity_name":"Spoofed email requesting password reset","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"59629e93-6ca7-4339-b2b5-8bb8224d9b24","entity_name":"Regence BlueCross BlueShield of Oregon","reported_date":null,"state":"WI","individuals_affected":69022,"source_type":"state_ag","severity_score":70,"summary":"A vendor, Infosys, experienced a breach of systems related to the MOVEit vulnerability, potentially exposing Regence member data."},{"id":"cfeb0898-306b-4928-9576-636e2b34d75c","entity_name":"GrayRobinson, P.A.","reported_date":"2026-06-01","state":"FL","individuals_affected":54131,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"9552cb46-5054-40eb-84d5-a87d3a347115","entity_name":"Florida Physician Specialists","reported_date":"2026-05-17","state":"FL","individuals_affected":276498,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"1166971f-b890-491f-a501-98af5f68f52d","entity_name":"Aldrich Pediatric Dentistry","reported_date":"2026-06-01","state":"IN","individuals_affected":5900,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"b4822d59-d56f-4cd7-80c1-1d36a1a2a9a9","entity_name":"Molina Healthcare of Wisconsin","reported_date":null,"state":"WI","individuals_affected":14948,"source_type":"state_ag","severity_score":70,"summary":"A third-party vendor experienced a security incident that resulted in unauthorized access to a file transfer application, potentially exposing Molina Healthcare member data."},{"id":"0e1ff7b2-68d1-4dc8-911a-097afe33e7ce","entity_name":"Health Alliance Plan of Michigan","reported_date":null,"state":"WI","individuals_affected":57470,"source_type":"state_ag","severity_score":70,"summary":"A vendor experienced a data breach involving the MOVEit file transfer application, potentially exposing Health Alliance Plan member data."},{"id":"0d52d084-8cdb-4088-82e8-3cbdb3a2bc11","entity_name":"Texas Tech University Health Sciences Center","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare related data breach."},{"id":"d071fe30-362a-44b1-9737-da66882ed87f","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"69102012-e275-48c5-b4c4-a89e5e530b49","entity_name":"Hematology Oncology Consultants","reported_date":"2026-06-02","state":"MI","individuals_affected":62972,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"94206a70-ea1d-434d-b4d4-b6861442f813","entity_name":"Stewart Home & School","reported_date":"2026-06-02","state":"KY","individuals_affected":3677,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"6ec7f651-2f2a-4518-a6ed-b12a745a0db4","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"b31b5f0b-ef52-4901-ba93-c49ffd1fcb23","entity_name":"McLeod Health","reported_date":null,"state":"WI","individuals_affected":240000,"source_type":"state_ag","severity_score":85,"summary":"Between December 20, 2025, and December 26, 2025, an unauthorized third party accessed McLeod Health's systems."},{"id":"9a16553c-3837-4869-a14e-77360c5ba564","entity_name":"Marin Cancer Care","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"4d6fca6a-7592-495c-a07a-056a314bf851","entity_name":"Interim HealthCare of Lubbock","reported_date":"2026-05-10","state":"TX","individuals_affected":2071,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"a53b984e-00ef-4ab6-8292-9647b99dfb9c","entity_name":"UK Biobank","reported_date":"2026-04-24","state":null,"individuals_affected":500000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Data from 500,000 people who volunteered their health information to the UK Biobank has been breached and offered for sale online in China."},{"id":"fa631626-fddb-48c9-b586-cca5185b1a6e","entity_name":"The Rhode Island Department of Human Services (DHS)","reported_date":null,"state":"WI","individuals_affected":11000,"source_type":"state_ag","severity_score":70,"summary":"DHS learned of a data breach at a third-party vendor, Maximus Inc., related to the MOVEit file transfer application vulnerability."},{"id":"c0eb3d72-cded-4a85-95dc-b9ade691bd75","entity_name":"Intrado 911 Emergency Gateway (EGW)","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of this vulnerability could allow an attacker to read, modify, or delete files. The following versions of Intrado 911 Emergency Gateway (EGW) are affected: Emergency Gateway 7.x (CVE-2026-6074), Emergency Gateway 6.x (CVE-2026-6074), Emergency Gateway 5.x (CVE-2026-6074)"},{"id":"67d189d9-3410-44ee-bfd3-010184eac222","entity_name":"Milesight Cameras","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of these vulnerabilities could crash the device being accessed or allow remote code execution."},{"id":"274bea51-7980-4bcc-9243-34bb440c0f03","entity_name":"Carlson Software VASCO-B GNSS Receiver","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":94,"summary":"Successful exploitation of this vulnerability could enable a remote attacker to alter critical system functions or disrupt device operation.The following versions of Carlson Software VASCO-B GNSS Receiver are affected:\nVASCO-B GNSS Receiver <1.4.0 (CVE-2026-3893)"},{"id":"69198260-196a-4b20-8305-a755959eeec3","entity_name":"Interim HealthCare of Amarillo","reported_date":"2026-05-10","state":"TX","individuals_affected":666,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"423d6313-964c-4a11-89ad-5f0499f79461","entity_name":"Belmont Aesthetic and Reconstructive Plastic Surgery","reported_date":"2026-05-11","state":"VA","individuals_affected":528,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"a79878ff-be78-458b-9dde-5bfcaaaf37ea","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"62b25115-e084-457a-9e78-10d368e1edbd","entity_name":"Harvard Pilgrim Health Care","reported_date":null,"state":"WI","individuals_affected":2500000,"source_type":"state_ag","severity_score":95,"summary":"Cybersecurity incident beginning on March 27, 2026, which involved unauthorized access to Harvard Pilgrim Health Care's systems."},{"id":"fa0984ca-6c27-458a-a605-b888f24c0fa5","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"47047e74-666a-4a67-91a4-d6d558195afd","entity_name":"Liberty Bankers Life Ins. Co.","reported_date":"2026-05-10","state":"TX","individuals_affected":20202,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"c5ca0c35-7196-4361-a090-4b65765c6eaa","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"32540a01-1878-4ea2-a89b-50238feadda1","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"8c62caa9-0b79-44d1-b776-07b0024a7846","entity_name":"Harbor Developmental Disabilities Foundation (d/b/a Harbor Regional Center)","reported_date":"2026-06-22","state":"CA","individuals_affected":2287,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"0edac3e3-b686-4e85-b695-72a2bc1903bf","entity_name":"Harbor Developmental Disabilities Foundation (d/b/a Harbor Regional Center)","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"0d425f22-6baa-4bfe-b8cd-d831be5d9d0f","entity_name":"Laurel Eye Clinic","reported_date":"2026-05-19","state":"PA","individuals_affected":145221,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"42c02bed-48ba-48fd-8d69-3ec04c6a4cab","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"9fe5c417-67d1-4e3d-ba63-5a5542c13f15","entity_name":"Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) and recommends to update to the latest version."},{"id":"e0fe85a8-7f8c-478a-b458-3187ea990005","entity_name":"Silex Technology SD-330AC and AMC Manager Incorrect Privilege Assignment Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":68,"summary":"An issue discovered in Silex Technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause a denial of service via crafted UDP packets using the EXEC REBOOT SYSTEM command."},{"id":"054748ef-36d9-4635-b52f-4cb8322aad58","entity_name":"Silex Technology SD-330AC and AMC Manager Stack-based Buffer Overflow Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"A Stack-based Buffer Overflow vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker to execute arbitrary code on the device."},{"id":"b28f7d37-6130-4b46-aaaf-355e0099daf7","entity_name":"Silex Technology SD-330AC and AMC Manager Heap-based Buffer Overflow Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"A Heap-based Buffer Overflow vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker to execute arbitrary code on the device."},{"id":"818def70-4885-4f36-86c5-63d01bc086a9","entity_name":"Silex Technology SD-330AC and AMC Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":59,"summary":"A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker to retrieve information via a man-in-the-middle attack."},{"id":"e18a180d-27f8-401f-a5fe-ecead6f7f2fd","entity_name":"Silex Technology SD-330AC and AMC Manager Dependency on Vulnerable Third-Party Component Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash)."},{"id":"20d909b9-2d55-44f1-88a5-c9ddfde42781","entity_name":"Silex Technology SD-330AC and AMC Manager Missing Authentication for Critical Function Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":53,"summary":"A Missing Authentication for Critical Function vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker to alter the device configuration without authentication."},{"id":"b4ec904f-ce9c-4375-b93c-5ddac1648f6c","entity_name":"Silex Technology SD-330AC and AMC Manager Cross-site Scripting Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":61,"summary":"An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker to trick a user into accessing a special web page and execute arbitrary script on the user's browser."},{"id":"0b5c6d53-11cb-4bcd-918b-2143b67e15bf","entity_name":"Silex Technology SD-330AC and AMC Manager Initialization of a Resource with an Insecure Default Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"An Initialization of a Resource with an Insecure Default vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker using the factory default configuration to configure the device using the null string password."},{"id":"c13564fc-6241-4f76-a717-3598a46c00eb","entity_name":"Siemens TPM 2.0","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":66,"summary":"The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."},{"id":"d564e25f-dde9-448e-a045-4e8d36a45d3c","entity_name":"Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary Incorrect Privilege Assignment Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level."},{"id":"0fa80082-832d-4d7d-8a5e-cf5233805a15","entity_name":"Silex Technology SD-330AC and AMC Manager Heap-based Buffer Overflow Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":53,"summary":"A Heap-based Buffer Overflow vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker to send specially crafted packets that may cause a temporary denial-of-service (DoS) condition."},{"id":"8b5fb002-4e5f-43e3-9920-76f424c1ba7a","entity_name":"Silex Technology SD-330AC and AMC Manager Missing Authentication for Critical Function Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":53,"summary":"A Missing Authentication for Critical Function vulnerability in Silex Technology SD-330AC and AMC Manager could allow uploads of arbitrary files to the device without authentication."},{"id":"08d75899-1acb-4c5a-8dad-0e3d638f220c","entity_name":"Silex Technology SD-330AC and AMC Manager Use of Hard-coded Cryptographic Key Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":65,"summary":"A Use of Hard-coded Cryptographic Key vulnerability in Silex Technology SD-330AC and AMC Manager could cause an administrative user to be directed to apply a fake firmware update."},{"id":"959849aa-8d80-4a14-b283-41df2e55923b","entity_name":"Silex Technology SD-330AC and AMC Manager","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service, or configuration information may be altered without authentication."},{"id":"85a44e20-712c-4228-b75e-7c36f7a7ea27","entity_name":"Silex Technology SD-330AC and AMC Manager Sensitive Information in Resource Not Removed Before Reuse Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":65,"summary":"A Sensitive Information in Resource Not Removed Before Reuse vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker to send specially crafted packets that may allow the attacker to login to the device."},{"id":"c70a8e58-2896-40c0-bb33-f19aab90409e","entity_name":"Siemens TPM 2.0 Out-of-bounds Read Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":66,"summary":"TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0."},{"id":"3eecc289-ddbb-4f56-8959-777fa678e528","entity_name":"Silex Technology SD-330AC and AMC Manager CRLF Injection Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":65,"summary":"An Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in Silex Technology SD-330AC and AMC Manager could allow an attacker to inject arbitrary entries into the system configuration."},{"id":"2feb82dc-1096-4c7f-8568-f9282463b3cd","entity_name":"Cisco Catalyst SD-WAN Manager - Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems."},{"id":"8b428c9b-6ede-439d-8ce6-8504e9612bcc","entity_name":"Cisco Catalyst SD-WAN Manager - Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user."},{"id":"ee9ed687-511d-4fcf-ae8d-ccc8f8e6126e","entity_name":"PharmaCare Solutions","reported_date":null,"state":"IN","individuals_affected":75000,"source_type":"state_ag","severity_score":70,"summary":"PharmaCare Solutions reported a data breach involving patient names, prescription information, and insurance details."},{"id":"21bbfbea-df6d-483e-84bf-490b00510e22","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"An unregistered device was detected attempting to connect to the secure network."},{"id":"445f5b87-841c-4f7f-a55f-3a4d5ffcc2d5","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"9d95380d-b995-43ad-b53a-41d041c1882e","entity_name":"Cisco Catalyst SD-WAN Manger - Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges."},{"id":"4fff3540-c250-4010-81cf-444def3c3b87","entity_name":"Elevance Health (formerly Anthem, Inc.)","reported_date":null,"state":"IN","individuals_affected":150000,"source_type":"state_ag","severity_score":85,"summary":"A data breach at a third-party vendor, which exposed personal health information of members. This potentially included names, addresses, health plan information, and clinical information."},{"id":"308b4ae4-a201-4ada-b025-68d1c9c6ea5f","entity_name":"Missouri Health Systems","reported_date":null,"state":"MO","individuals_affected":300000,"source_type":"state_ag","severity_score":85,"summary":"Supply chain attack affecting electronic health record (EHR) vendor."},{"id":"e99e1ca0-5267-4b00-bea8-f4a9d52bbf3e","entity_name":"Managed Health Care Associates, Inc. (MHA)","reported_date":null,"state":"WI","individuals_affected":800000,"source_type":"state_ag","severity_score":95,"summary":"MHA experienced a cybersecurity incident related to the MOVEit file transfer application vulnerability."},{"id":"0ba8f4dd-1bfc-478b-aaee-ef4d892e8009","entity_name":"Prime Care 12 Priority Health","reported_date":"2026-05-11","state":"WV","individuals_affected":1000,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"3ecff05a-b417-4450-b3b1-6e357262c59a","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"686ba69f-3462-4ead-a1b2-55bb0ec4c942","entity_name":"Spokane Digestive Disease Center, P.S.","reported_date":"2026-05-11","state":"WA","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"2439a39f-241f-44c7-b10e-79036cf9abc9","entity_name":"Excellus Health Plan","reported_date":null,"state":"NY","individuals_affected":10500000,"source_type":"state_ag","severity_score":95,"summary":"Excellus Health Plan experienced a cyberattack impacting over 10 million individuals. The breach led to the exposure of names, dates of birth, Social Security numbers, addresses, and financial account information."},{"id":"9e1848ca-07b8-498d-a82a-ba727591fe8a","entity_name":"NHS vendor Synnovis","reported_date":"2026-04-30","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The Qilin ransomware attack on Synnovis in 2024 continues to impact patient care for at least one NHS Trust, South London and Maudsley NHS Foundation Trust (SLaM)."},{"id":"94d6a964-5f51-4cc5-85eb-7419a23066b7","entity_name":"NHS (Synnovis)","reported_date":"2026-04-29","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The Qilin ransomware attack on Synnovis in 2024 continues to impact patient care for at least one NHS Trust."},{"id":"e9b454c7-5f6b-4e27-9839-84df1a25caf3","entity_name":"Synnovis","reported_date":"2026-04-23","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The Qilin ransomware attack on Synnovis in 2024 continues to impact patient care for at least one NHS Trust, with pathology systems at South London and Maudsley NHS Foundation Trust (SLaM) still unrestored."},{"id":"e57af8c6-bd8c-4e73-89e1-68655038dcf5","entity_name":"Physicians' Eye Care","reported_date":null,"state":"WI","individuals_affected":42000,"source_type":"state_ag","severity_score":70,"summary":"Unauthorized access to IT systems and data exfiltration occurred between August 4, 2025, and August 21, 2025."},{"id":"38617572-e1c9-4f24-ac1c-6649a54de88d","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"ce3d7655-21aa-43f9-93cd-cb7874b01448","entity_name":"Caller impersonating IT support","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"1d0547fe-e566-40f0-b2c0-b337b50eef08","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"402f22f2-a2ba-4af4-913d-2fdd8ea9224d","entity_name":"Caller requesting patient info without verification","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"0b556010-49bc-4a87-b436-1e0c9ebf8e86","entity_name":"Synnovis (South London and Maudsley NHS Foundation Trust)","reported_date":"2026-04-20","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The Qilin ransomware attack on Synnovis in 2024 continues to impact patient care at South London and Maudsley NHS Foundation Trust, with pathology systems still unrestored."},{"id":"862193f1-e937-4b8d-8659-f89ec9f67aae","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"f3c9a0f7-2600-4d1f-b84d-7565e359544a","entity_name":"Blue Cross Blue Shield of Montana (HCSC)","reported_date":"2026-04-30","state":"MT","individuals_affected":462000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A lawsuit involving Blue Cross Blue Shield of Montana's parent company, HCSC, and Montana's state auditor was updated regarding a data breach caused by Conduent that affected 462,000 members."},{"id":"c587e3ea-9c49-4bfc-aba0-1acbf9ae7580","entity_name":"Phishing attempt posing as EHR vendor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Message attempted to harvest credentials by impersonating the IT department."},{"id":"0f6e7d8e-8c0e-4c35-9f28-f4da721e1c46","entity_name":"Conduent","reported_date":"2026-04-23","state":null,"individuals_affected":462000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A breach at Conduent affected 462,000 members of Blue Cross Blue Shield of Montana."},{"id":"936cd20e-5f0d-475b-bde5-3b9c5cc71cfc","entity_name":"Suspicious LinkedIn message from fake recruiter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Individual attempted to gain physical access to restricted area using false pretenses."},{"id":"27edce99-0a40-43c0-bfe4-13f5c915e229","entity_name":"Mid-Michigan physician group","reported_date":null,"state":"WI","individuals_affected":20000,"source_type":"state_ag","severity_score":70,"summary":"Patient data accessed or acquired during a December 2025 ransomware incident."},{"id":"bc7ad3ca-1653-4336-af83-359d61b3d4aa","entity_name":"Independent Health","reported_date":null,"state":"WI","individuals_affected":35000,"source_type":"state_ag","severity_score":70,"summary":"A third-party vendor experienced a cybersecurity incident involving the MOVEit file transfer application, potentially impacting Independent Health members."},{"id":"6138593d-43ba-46ae-b137-145733bdc2bf","entity_name":"Blue Cross Blue Shield of Montana (via Conduent)","reported_date":"2026-04-19","state":"MT","individuals_affected":462000,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A lawsuit involves Blue Cross Blue Shield of Montana's parent company, HCSC, and Montana's state auditor regarding the Conduent breach that affected 462,000 members."},{"id":"eae773d0-24f5-458e-af6d-de4fdfb61fe0","entity_name":"Suspicious email mimicking insurance provider","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"e950ff0b-fc31-473a-b973-d180f699b3a6","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"a909d066-dbb4-4b22-93fb-bb71ea50fa34","entity_name":"After-hours login attempt detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"b1911cd1-0567-4cec-9941-71c1acede3af","entity_name":"L.A. Care Health Plan","reported_date":"2026-04-27","state":"CA","individuals_affected":2885,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"93b52e9f-25fc-4ad4-9107-a8bb105288bc","entity_name":"Bayside Dental","reported_date":null,"state":"WA","individuals_affected":9683,"source_type":"state_ag","severity_score":50,"summary":"Breach at Bayside Dental"},{"id":"777df270-895f-4f44-9694-0d34538401dd","entity_name":"Innovative Scientific Solutions, LLC","reported_date":"2026-04-26","state":"SC","individuals_affected":143842,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"9bedb02d-a15d-4915-a9d5-d00cdeea9bbc","entity_name":"ASC Ortho Management Company, LLC  d/b/a Aligned Orthopedic Partners","reported_date":"2026-05-13","state":"MD","individuals_affected":7213,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"2b37d930-fbb1-4fac-acd5-747022aeb154","entity_name":"University of Nebraska Medical Center","reported_date":"2026-05-13","state":"NE","individuals_affected":26937,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"d5903b60-4266-49d6-bf66-af80f3f56e01","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"86fe71ce-e58a-4cea-8f9a-2e088a59f369","entity_name":"Lennox International Inc.","reported_date":"2026-04-27","state":"TX","individuals_affected":3709,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"3176efe4-fcc6-41d6-85b2-997f8a449e63","entity_name":"Bayside Dental","reported_date":"2026-06-03","state":"WA","individuals_affected":10216,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"00a5bf35-ccec-4d4a-8201-187c62c32cea","entity_name":"NJ Division of Developmental Disabilities - Hunterdon Developmental Center","reported_date":"2026-05-17","state":"NJ","individuals_affected":807,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"cd3dc050-c905-4527-9c59-f642033e919a","entity_name":"Fake invoice attachment from unknown sender","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"6a5bc464-3128-4105-90b5-6271dc8cef17","entity_name":"Washington VA Medical Center","reported_date":"2026-04-27","state":"DC","individuals_affected":1467,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"3e24994e-c3cb-4127-910d-b209c6a3af64","entity_name":"Anviz Multiple Products","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data, alter device configurations, gain unauthorized administrative or root‑level access, execute arbitrary code, compromise credentials or communications, and ultimately obtain full control over affected devices."},{"id":"d4182e79-e59a-4594-b1fc-77f47541df39","entity_name":"Providence","reported_date":null,"state":"CA","individuals_affected":-1,"source_type":"state_ag","severity_score":30,"summary":"Unknown at this time."},{"id":"7d3e6a69-3c3c-4d02-90a5-c28ff31bf906","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"3229108f-56e0-4389-8598-81b00d9deaff","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"70e33508-1d68-48a5-9bb4-88c2af5527de","entity_name":"Suspicious LinkedIn message from fake recruiter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"7af2d36b-11ad-477a-9503-8e41d4736667","entity_name":"Iowa Department of Health and Human Services","reported_date":"2026-04-27","state":"IA","individuals_affected":6717,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"1a328628-f30b-4b90-a327-227e23f1ec2d","entity_name":"Pacific Northwest Health System","reported_date":null,"state":"OR","individuals_affected":15000,"source_type":"state_ag","severity_score":70,"summary":"Insider threat incident where an employee inappropriately accessed patient records."},{"id":"06d9c075-718f-4b0e-ab0c-6ac83c8603ad","entity_name":"Mazzola Mardon, P.C.","reported_date":"2026-04-26","state":"NY","individuals_affected":2123,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"8ac98049-b270-41b2-b9ae-cd8129ca91f0","entity_name":"Rhode Island Medical Imaging","reported_date":null,"state":"RI","individuals_affected":10000,"source_type":"state_ag","severity_score":50,"summary":"A cybersecurity incident involving a vendor managing medical imaging data exposed patient demographics and imaging reports."},{"id":"9a92970f-33ee-4fcf-bc97-3c02cc513f14","entity_name":"Unapproved cloud storage use detected","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"cd816ea9-4f5d-41c0-8f96-210df89b667e","entity_name":"Suspicious email mimicking insurance provider","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"b22a6eac-7527-4bc5-8aa7-d00344a13f36","entity_name":"Community Psychiatry Management, LLC d/b/a Mindpath Health","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"This is a healthcare related data breach notification."},{"id":"854ce456-a217-499e-924f-baee2292ef5e","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Repeated calls from spoofed numbers targeting the billing department."},{"id":"95144a3c-e99f-4753-b388-f6315f1bd17a","entity_name":"Defense Health Agency","reported_date":"2026-04-27","state":"VA","individuals_affected":1300,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"0a8338ce-38c3-42cc-aa76-4a9fc8172e0d","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Removable media detected in a secure workstation without encryption."},{"id":"72dafeab-e459-4be9-87f4-91b7f1ac707f","entity_name":"Pediatric Products, LLC","reported_date":null,"state":"CA","individuals_affected":-1,"source_type":"state_ag","severity_score":30,"summary":"Unknown at this time."},{"id":"0ef263b0-c895-4da2-96a5-0649225905ce","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"b97ced6e-3053-44e0-a2c0-ac88e64f359e","entity_name":"Caller requesting patient info without verification","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"72fbb7dd-a4c2-4c46-b513-a8ffa8dd61e9","entity_name":"City Health, a medical corporation","reported_date":"2026-04-26","state":"CA","individuals_affected":65000,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"5568da79-b04b-419f-9676-0b076976d3fa","entity_name":"ABB Ability Symphony Plus Engineering","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"ABB became aware of vulnerability in the products versions listed as affected in the advisory. The ABB S+ Engineering product versions are affected by vulnerabilities in PostgreSQL version 13.11 and earlier versions. If an attacker gains access to a site’s S+ Client Server network, they could exploit such vulnerabilities by executing arbitrary code and potentially compromising the entire system."},{"id":"cc136965-ce2d-459b-ab26-1acab1e63d81","entity_name":"Fortinet FortiClient EMS - Fortinet SQL Injection Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests."},{"id":"7397ab28-4fa6-4805-a4c6-f38570c709bc","entity_name":"Repeated hang-up calls to reception","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Caller attempted to obtain patient information without proper verification."},{"id":"23ccbb16-0ef3-4700-a913-8d513ca1db09","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"2347922f-930e-498d-a8fc-0798f8064dd6","entity_name":"A-Z License List","reported_date":null,"state":"WI","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"The 'A-Z License List' appears under the 'Licenses/Permits' navigation, suggesting it's an entity that issues or manages licenses related to various regulated activities."},{"id":"bb5d1e41-6bd4-43f8-8a74-5468c5864809","entity_name":"Instabase, Inc.","reported_date":"2026-04-27","state":"DE","individuals_affected":908,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"88133122-56e6-4fb6-989b-4276483a1d8e","entity_name":"ABB Ability Symphony Plus Engineering","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"ABB became aware of vulnerability in the products versions listed as affected in the advisory. The ABB S+ Engineering product versions are affected by vulnerabilities in PostgreSQL version 13.11 and earlier versions. If an attacker gains access to a site’s S+ Client Server network, they could exploit such vulnerabilities by executing arbitrary code and potentially compromising the entire system. The following versions of ABB Ability Symphony Plus Engineering are affected: Ability Symphony Plus 2.2, 2.3, 2.3_RU1, 2.3_RU2, 2.3_RU3, 2.4, 2.4_SP1, 2.4_SP2, 2.4_SP2_RU1."},{"id":"8b23af90-b2f8-4ea8-9d64-529c449df811","entity_name":"Caller requesting patient info without verification","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"582281a0-dedf-4593-b0ca-57ac5f7efcc1","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"03802745-6602-422a-a0ae-2f2c496ca8a5","entity_name":"Kaiser Permanente","reported_date":null,"state":"CA","individuals_affected":13400000,"source_type":"state_ag","severity_score":95,"summary":"Data breach impacting 13.4 million individuals due to disclosure of protected health information (PHI) to third-party advertisers via tracking technologies on its websites and mobile apps. No clinical content, Kaiser Permanente IDs, Social Security numbers, financial account information, or credit card information was shared."},{"id":"88db5e8b-9dcc-4eaf-aa73-6f031e4668f8","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Repeated calls from spoofed numbers targeting the billing department."},{"id":"a224a42c-5a3d-4434-bbb9-c3fe86c8fb09","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"cc639489-0423-4d31-ae7f-3482acff9b9a","entity_name":"HealthFlex Inc.","reported_date":null,"state":"WI","individuals_affected":24900,"source_type":"state_ag","severity_score":70,"summary":"HealthFlex Inc. experienced a cyberattack due to the exploitation of a Fortinet FortiClient vulnerability. Information exposed includes names, addresses, Social Security numbers, medical information (including diagnoses and conditions, lab results, medications, and other treatment information), and health insurance information."},{"id":"f20c0a1e-f496-4874-aa94-d0b97ee11721","entity_name":"Pretexting call requesting employee directory","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 97201."},{"id":"a02b5a6d-d571-451e-9d87-2cd00fe14153","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":null},{"id":"526cfb54-fb43-4414-9925-c0f442c40997","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 37201."},{"id":"a4651df7-6cba-42dd-a269-9bc8ae8f4357","entity_name":"Unknown device detected on clinic WiFi","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":null},{"id":"2304bf80-5f86-4fcc-850c-835135d38814","entity_name":"Unauthorized IoT device on network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 63101."},{"id":"b37916f3-cbf8-4962-8dbe-870091a53509","entity_name":"Login from unrecognized IP address","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 90210."},{"id":"2a84c057-42a8-4942-bd15-41c8df284c08","entity_name":"Springfield Hospital","reported_date":"2026-04-26","state":"VT","individuals_affected":5892,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"9b22d716-9423-4f61-8aab-5ee0838ea80c","entity_name":"Access attempt from retired employee credentials","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 46201."},{"id":"4f166ebe-5a8f-4bdc-a93a-ad2db0d1f98b","entity_name":"Lafayette General Health","reported_date":null,"state":"LA","individuals_affected":120000,"source_type":"state_ag","severity_score":85,"summary":"A third-party vendor experienced a data breach that impacted patient data for Lafayette General Health. The vendor notified Lafayette General in April 2026. The breach exposed patient names, addresses, and treatment information."},{"id":"c941871f-f9cc-45a8-aa22-df02165688b3","entity_name":"Unusual access pattern on patient records","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 30301."},{"id":"764e9d7b-caed-41c2-84a1-61c3c5fb0305","entity_name":"BUENA VISTA MANAGEMENT SERVICES, LLC DBA Windward Life Care","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Data breach notification for BUENA VISTA MANAGEMENT SERVICES, LLC DBA Windward Life Care."},{"id":"b09b3573-ae25-4e52-b531-fb0f30f819ce","entity_name":"Genetic Insights Corp.","reported_date":null,"state":null,"individuals_affected":400000,"source_type":"ftc_breach","severity_score":85,"summary":"Genetic Insights Corp., a genetic testing company, faced an FTC enforcement action for failing to protect sensitive genetic data and for misrepresenting its anonymization practices. The company claimed to anonymize genetic data shared with researchers, but the FTC found that the data could be easily re-identified, leading to privacy breaches for hundreds of thousands of consumers. The FTC alleged violations of the FTC Act and failure to comply with the Health Breach Notification Rule."},{"id":"3de7f7bf-edb4-4439-baa0-ce6d1063ddc9","entity_name":"CARE Clinic","reported_date":"2026-04-26","state":"MN","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"932dda41-93b5-47b6-8052-c3e44d622e7b","entity_name":"Hims","reported_date":"2026-04-11","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Threat actors breached the telehealth brand Hims, potentially exposing sensitive protected health information including data related to hair loss, weight, and erectile dysfunction."},{"id":"76bd6458-54b6-4751-8e45-e84079536094","entity_name":"Vishing attempt requesting PHI","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 98101."},{"id":"2bda842d-dd7e-48fd-9758-1de6060b2021","entity_name":"Duncan Regional Hospital, Inc.","reported_date":"2026-04-27","state":"OK","individuals_affected":724,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"65abb9db-d17b-44d6-bc32-2f549f440fc5","entity_name":"Branch Metrics, Inc.","reported_date":"2026-04-27","state":"CA","individuals_affected":857,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"c661fd29-74ce-422f-b2bd-c915b7b322d2","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 98101."},{"id":"c67f6b91-1200-41a6-b27e-865167cc2ac1","entity_name":"Essentia Health","reported_date":null,"state":"MN","individuals_affected":130000,"source_type":"state_ag","severity_score":85,"summary":"Essentia Health announced a data breach due to a supply chain attack targeting one of their software vendors. The compromise led to the exposure of patient information managed by the vendor."},{"id":"d43b2cae-6eb0-4f1a-88d9-1692eb6d4eee","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 46201."},{"id":"63ffa004-cef4-4f53-a2b4-11ea140b4d78","entity_name":"CardioFit Medical Group, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Data breach notification for CardioFit Medical Group, Inc."},{"id":"08807ce6-1246-4081-9647-4e09f3da075e","entity_name":"Suspicious LinkedIn message from fake recruiter","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 63101."},{"id":"97c7f1bc-c6f2-4049-9e36-3341240875b1","entity_name":"Tailgating attempt at secure entrance","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 63101."},{"id":"b991f63d-3c12-4e8e-ad6a-32304f19337a","entity_name":"Access attempt from retired employee credentials","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 37201."},{"id":"5112e0af-d91d-49ab-b557-a66191ae6d2e","entity_name":"Impersonation of vendor representative","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 63101."},{"id":"263b7527-6b5b-4064-84fc-b936508c206c","entity_name":"CardioFit Medical Group, Inc.","reported_date":"2026-04-27","state":"CA","individuals_affected":7243,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"a52b3a6d-c706-453c-bbae-f7cd4b165420","entity_name":"Unencrypted USB device found in workstation","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 46201."},{"id":"8192c574-d853-40a6-9dcb-99577d4234aa","entity_name":"Access attempt from retired employee credentials","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 02101."},{"id":"9dd19dde-8240-4083-9981-f671c8d0679f","entity_name":"Unregistered tablet accessing EHR system","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 19101."},{"id":"24e86561-445b-4f69-aaff-cd3b0ed65b8a","entity_name":"Ivanti Endpoint Manager Mobile (EPMM) - Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution."},{"id":"01761ea7-301c-4cba-b4fc-1a32e870cf19","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 90210."},{"id":"fd0a0037-3a77-4128-9340-406d9e1722c9","entity_name":"Credential harvesting email targeting front desk","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 15201."},{"id":"656a8fbd-3f7a-4361-afbe-649dabace563","entity_name":"Multiple failed login attempts observed","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Automated threat signal detected in zip code 85001."},{"id":"315f24b9-50e3-4e52-b15f-5b410e138560","entity_name":"Change Healthcare","reported_date":"2026-04-09","state":"IA","individuals_affected":2200000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Iowa Attorney General Brenna Bird has filed a lawsuit against Change Healthcare, alleging the company violated state consumer protection and data security laws in connection with a 2024 data breach that affected nearly 2.2 million Iowa residents."},{"id":"8192cb0a-5886-4adf-9c05-c535f497c3f3","entity_name":"TEXCAZ Insurance Services","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"This is a healthcare related data breach notification as it is an insurance entity."},{"id":"c3625ce5-d327-4374-9a1c-aa7541cbd9a8","entity_name":"DermCare Management","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"N/A"},{"id":"7f9ebe66-777c-4ae9-ab0d-f3b967898876","entity_name":"Employee sharing credentials via email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 84101."},{"id":"821219e7-e927-400a-922c-005c25a8a896","entity_name":"Rogue access point identified","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 78201."},{"id":"cdc62832-9421-4fce-af73-c54a1e646dbc","entity_name":"Mitsubishi Electric GENESIS64 and ICONICS Suite products","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":88,"summary":"Successful exploitation of these vulnerabilities could allow a local attacker to disclose SQL Server credentials used by the affected products and use them to disclose, tamper with, or destroy data, or to cause a denial-of-service (DoS) condition on the system. The following versions of Mitsubishi Electric GENESIS64 and ICONICS Suite products are affected: GENESIS64 <=10.97.3 (CVE-2025-14815, CVE-2025-14816); ICONICS Suite <=10.97.3 (CVE-2025-14815, CVE-2025-14816); MobileHMI <=10.97.3 (CVE-2025-14815, CVE-2025-14816); Hyper Historian <=10.97.3 (CVE-2025-14815, CVE-2025-14816); AnalytiX <=10.97.3 (CVE-2025-14815, CVE-2025-14816); MC Works 64 vers:all/* (CVE-2025-14815, CVE-2025-14816); GENESIS <=11.02 (CVE-2025-14815, CVE-2025-14816)."},{"id":"f8bd81d6-c944-4675-8d59-73fa9644a062","entity_name":"Virginia Department of Behavioral Health and Developmental Services","reported_date":"2026-04-16","state":"VA","individuals_affected":724,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"afb33f2d-3ebb-4d0f-92cd-abc288b5048c","entity_name":"Personal device connected to secure network","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 37201."},{"id":"d9f6f35a-07cd-4db2-85d5-b2c5e8e9c85c","entity_name":"Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity targeting internet-facing operational technology (OT) devices, including programmable logic controllers (PLCs) manufactured by Rockwell Automation/Allen-Bradley. This activity has led to PLC disruptions across several U.S. critical infrastructure sectors through malicious interactions with the project file and manipulation of data on human machine interface (HMI) and supervisory control and data acquisition (SCADA) displays, resulting in operational disruption and financial loss. U.S. organizations should urgently review the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) in this advisory for indications of current or historical activity on their networks, and apply the recommendations listed in the Mitigations section of this advisory to reduce the risk of compromise."},{"id":"be4a728d-b628-448b-af1f-bfa4b6cdd96b","entity_name":"Access attempt from retired employee credentials","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 98101."},{"id":"be47f17b-f644-413e-a0b2-24fc8db27f0a","entity_name":"Robocall spoofing internal extension","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 30301."},{"id":"eafb1f13-9d10-4227-9ac4-f62b638bb4f5","entity_name":"Fortinet FortiClient EMS - Fortinet FortiClient EMS Improper Access Control Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests."},{"id":"4f8208e5-fae7-4c08-ae09-a7804584c784","entity_name":"Option Care Health, Inc.","reported_date":"2026-04-21","state":"IL","individuals_affected":1891,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"03608ae1-1825-4f22-90d0-c18bca2c9e42","entity_name":"Indiana Attorney General Todd Rokita","reported_date":null,"state":"IN","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"The Indiana Attorney General is committed to enforcing the Disclosure of Security Breach law to protect Hoosiers from identity theft. The office can seek up to $150,000 for data breaches that have not been properly disclosed to Indiana customers."},{"id":"54eaa179-f15c-453e-9c9f-efaaf1e60c01","entity_name":"Heart South Cardiovascular Group","reported_date":"2026-04-21","state":"AL","individuals_affected":46666,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"bd034199-8f02-4011-a6ad-5b03f9915ce6","entity_name":"Shore Gardens Rehabilitation and Nursing Center, LLC","reported_date":"2026-05-20","state":"PA","individuals_affected":755,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"2aafd34e-29c5-424b-a8ee-a24b0f3d5dcf","entity_name":"LifeSpring Home Care","reported_date":"2026-05-14","state":"OK","individuals_affected":7509,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"c3d77f8c-f4b2-40e5-b0e4-fe111c37a733","entity_name":"Suspicious voicemail from unknown number","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":25,"summary":"Automated threat signal detected in zip code 84101."},{"id":"66a004ef-16e2-443f-a462-9ece716643fa","entity_name":"Hospital Caribbean Medical Center","reported_date":"2026-04-20","state":"","individuals_affected":92000,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"a0405a9e-4eb6-4c81-842c-f88c166203aa","entity_name":"Option Care Health, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"N/A"},{"id":"bdb93b3f-82ab-4615-8cd1-2e0d021d4850","entity_name":"South Dakota Health Partners","reported_date":null,"state":"SD","individuals_affected":25000,"source_type":"state_ag","severity_score":70,"summary":"Data breach at a medical device manufacturer impacting connected device data."},{"id":"b1c40819-b22c-410e-8d1c-919edf2a2543","entity_name":"Oregon Care Collaborative","reported_date":null,"state":"OR","individuals_affected":75000,"source_type":"state_ag","severity_score":70,"summary":"A third-party vendor's system vulnerability led to the exposure of Medicaid patient enrollment information."},{"id":"43a72a0e-316f-461e-a94e-119b7bdd3871","entity_name":"Suspicious Call","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Calls attempting to obtain sensitive information"},{"id":"507dfae2-a0fb-4221-bf98-4fbb58ad4fb4","entity_name":"Hong Kong Hospital Authority","reported_date":"2026-04-05","state":null,"individuals_affected":56000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. The Hong Kong Hospital Authority apologized for a large-scale data leak involving over 56,000 patients, which compromised their information."},{"id":"aeb07bb5-29a6-4de1-b75f-bd74aa9312e5","entity_name":"Rocky Mountain Associated Physicians, P.C.","reported_date":"2026-04-13","state":"UT","individuals_affected":50640,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"9cdcfcbf-23ec-41c5-b3c6-0696fd6602c9","entity_name":"Hims & Hers Health","reported_date":"2026-04-04","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Telehealth company Hims & Hers Health reported a data breach where support tickets were stolen from a third-party customer service platform, resulting in a security warning to users."},{"id":"cc0b5e30-6a0b-4cc9-ac71-b6b6a0ca7054","entity_name":"Village Heart Seller, PC d/b/a Village Heart & Vein Center","reported_date":"2026-04-20","state":"FL","individuals_affected":687,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"d86e55ec-b413-4f8f-a84a-71208573eed3","entity_name":"Suspicious Call","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"They wanted password info"},{"id":"8427639b-9f90-4c4d-a867-43383420292a","entity_name":"Nacogdoches Memorial Hospital","reported_date":"2026-04-03","state":"TX","individuals_affected":250000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. In January 2026, a threat actor hacked the hospital’s internal network and stole personal and health information."},{"id":"32a17cdb-eaec-4ccc-9fb8-dd433b3dc0a4","entity_name":"Southern Illinois Dermatology","reported_date":"2026-04-20","state":"IL","individuals_affected":160312,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"e32bb6c8-7f47-4a4f-bc20-8d83a85e5a77","entity_name":"IntraCare","reported_date":"2026-04-03","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Auckland-based IntraCare, a private specialist healthcare provider, detected a breach in its network on March 20, and immediately took its IT systems offline to contain the incident. Procedures have been halted."},{"id":"afd3b731-f547-469e-944c-f34a93a2b85c","entity_name":"Hims & Hers, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown"},{"id":"dfeceb0e-f3f4-46ad-b98e-dd6898faaad3","entity_name":"Yokogawa CENTUM VP","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":40,"summary":"Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions."},{"id":"8dcb2572-3166-45a8-804d-3b97cf2ff9cd","entity_name":"Hitachi Energy Ellipse","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below. This vulnerability can be exploited to carry out remote code execution (RCE) attack on the product. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation."},{"id":"abe33923-57e1-4b7c-a315-eea4f72d0930","entity_name":"Anthem PPO, Anthem Pathways Tiers PPO, and Anthem Lumenos","reported_date":null,"state":"WI","individuals_affected":32306,"source_type":"state_ag","severity_score":70,"summary":"This breach notification is related to the data breach at Medical Management Business Services (MMBS) which is a third-party vendor of Centene Corporation. Centene Corporation is the parent company of Anthem. The breach involved an unauthorized party gaining access to MMBS systems."},{"id":"cbbd5e38-a029-4af1-8bdd-f33c97fcc6ac","entity_name":"Corewell Health","reported_date":null,"state":"MI","individuals_affected":110000,"source_type":"state_ag","severity_score":85,"summary":"Corewell Health identified a data breach originating from a misconfigured server. The misconfiguration allowed unauthorized access to a database containing patient demographic and limited clinical information."},{"id":"0907e064-5cfe-4116-adc7-036441a1a495","entity_name":"CHP 11-99 Foundation","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"N/A"},{"id":"168c2dcd-6021-4192-aed1-838a9efc56ca","entity_name":"Maine Community Health Center","reported_date":null,"state":"ME","individuals_affected":18000,"source_type":"state_ag","severity_score":70,"summary":"Business associate's system suffered a data breach impacting patient eligibility and claims data."},{"id":"ccb12392-bdae-4f7e-a8db-d6556de9c7d4","entity_name":"Wisconsin HealthTech Solutions","reported_date":null,"state":"WI","individuals_affected":75000,"source_type":"state_ag","severity_score":70,"summary":"Vulnerability in software led to exposure of health application user data."},{"id":"3391c0f7-7378-4cb9-8e9b-4bd5aeae18af","entity_name":"Virtua Health System","reported_date":null,"state":"NJ","individuals_affected":25000,"source_type":"state_ag","severity_score":70,"summary":"A phishing incident targeting employee email accounts resulted in unauthorized access to employee and patient data."},{"id":"2c1aa9dd-7c0a-4f8e-836d-5993dda47e52","entity_name":"University of Vermont Medical Center","reported_date":null,"state":"VT","individuals_affected":50000,"source_type":"state_ag","severity_score":70,"summary":"Unauthorized access to an internal system exposed employee and patient data."},{"id":"4203c758-c4be-4cb4-8520-810e63ba7acc","entity_name":"illumifin Corporation","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown at this time. Only the entity name, breach date, and reported date are available from the provided HTML."},{"id":"1e25ce8f-e13b-4f58-90dc-115dea2720c0","entity_name":"Anritsu Remote Spectrum Monitor","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":98,"summary":"Successful exploitation of this vulnerability could allow attackers with network access to alter operational settings, obtain sensitive signal data, or disrupt device availability. The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a deployment error."},{"id":"c62af9eb-5c55-4013-8d38-1e77c6e69016","entity_name":"Interventional Pain Center, PLLC","reported_date":"2026-04-09","state":"TN","individuals_affected":3171,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"54cc229a-43a4-4552-b37d-67859f8379d9","entity_name":"CareCloud","reported_date":"2026-03-31","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours."},{"id":"7be592b2-72a8-4e8e-a11b-3765ffe502fb","entity_name":"Anthem, Inc.","reported_date":null,"state":"WI","individuals_affected":538,"source_type":"state_ag","severity_score":30,"summary":"The large health insurance company, Anthem, Inc., notified 538 individuals on 2026-03-30 that their protected health information, including names, dates of birth, social security numbers, and health identification numbers, was accessed by an unauthorized third party."},{"id":"6ee49802-792c-4997-9db5-8b78e7e5b682","entity_name":"Healthcare In Action","reported_date":"2026-05-11","state":"CA","individuals_affected":1143,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"bba68f0a-4062-4664-b0a7-453f8d264b5e","entity_name":"Austin Plastic and Reconstructive Surgery","reported_date":"2026-05-11","state":"TX","individuals_affected":4266,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"6724ccc2-0ac0-4c4f-909c-425dff6b9d62","entity_name":"Nacogdoches Memorial Hospital","reported_date":"2026-05-27","state":"TX","individuals_affected":2507073,"source_type":"hhs_breach","severity_score":95,"summary":""},{"id":"60c125f9-7feb-4d01-aa9e-d5748ca321e6","entity_name":"J. Arthur Trudeau Memorial Center","reported_date":"2026-05-18","state":"RI","individuals_affected":5630,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"d18d6e6c-85d4-4e01-8dd5-e9e0739b5882","entity_name":"Citrix NetScaler - Citrix NetScaler Out-of-Bounds Read Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP leading to memory overread."},{"id":"b34b27bd-ab06-4563-86cf-e4960fd629ed","entity_name":"Waterford Surgical Center","reported_date":"2026-05-11","state":"MI","individuals_affected":9000,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"6ab50fdf-64d4-4791-a808-31f08787219d","entity_name":"Town of Apex, North Carolina","reported_date":"2026-05-17","state":"NC","individuals_affected":970,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"a7a12cab-d6a3-4035-8fd3-852f2b6956b1","entity_name":"Lumio Dental","reported_date":"2026-05-18","state":"OK","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"6c772115-2f08-4b87-8264-45e571fd1619","entity_name":"University Medical Center of Southern Nevada","reported_date":"2026-05-29","state":"NV","individuals_affected":1221,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"5aa8efd4-5a9f-47e7-8a30-0295b44bcd62","entity_name":"Corewell Health","reported_date":"2026-03-28","state":"MI","individuals_affected":1000,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Corewell Health announced their former health care consulting vendor, Pinnacle Holdings, experienced a data breach in 2024, affecting thousands of patients."},{"id":"c4534c4f-a158-4587-b2cd-f54f284920f1","entity_name":"Managed Care of North America (MCNA) Dental","reported_date":null,"state":"WI","individuals_affected":893708,"source_type":"state_ag","severity_score":95,"summary":"MCNA Dental, a dental insurance provider, experienced a cybersecurity incident involving unauthorized access to its computer systems. This resulted in the acquisition of protected health information (PHI) belonging to current and former members of managed care organizations that contract with MCNA. The compromised data included names, addresses, dates of birth, phone numbers, email addresses, Medicaid ID numbers, and dental and orthodontic health information. Social Security numbers were not involved. MCNA is offering affected individuals 12 months of complimentary credit monitoring and identity protection services."},{"id":"452c0674-bac7-4742-b9ae-1bf83f73dd45","entity_name":"Glendora Surgery Center","reported_date":"2026-05-17","state":"CA","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"1387c665-e689-4192-be76-302b3120dc24","entity_name":"Ultrahuman Healthcare Private Limited","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"This breach notification is from Ultrahuman Healthcare Private Limited. No other details are available from the provided context."},{"id":"f2afff2e-a432-455c-97f0-b57ee8c38441","entity_name":"Erie Family Health Centers","reported_date":"2026-05-17","state":"IL","individuals_affected":570000,"source_type":"hhs_breach","severity_score":95,"summary":""},{"id":"f2526920-1a2c-4c38-a116-071604cde8b2","entity_name":"Proxycare, Inc.","reported_date":"2026-05-17","state":"FL","individuals_affected":45196,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"f432bbad-496c-4d25-88bb-7c4598f3bb3d","entity_name":"Rocky Mountain Care","reported_date":"2026-05-17","state":"UT","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"4fb8c9b6-43de-4fdc-8b3f-fca42971a45c","entity_name":"Woodfords Family Services","reported_date":"2026-05-04","state":"ME","individuals_affected":38061,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"543e519d-43fa-4936-afec-d510f5d50e64","entity_name":"MCNA Insurance Company","reported_date":null,"state":"WI","individuals_affected":876404,"source_type":"state_ag","severity_score":95,"summary":"MCNA Insurance Company, a dental managed care provider, suffered a data breach where an unauthorized party gained access to its computer systems and acquired files containing protected health information (PHI) of members. The breach affected names, addresses, dates of birth, phone numbers, email addresses, Medicaid ID numbers, and dental and orthodontic health information. Social Security numbers were not compromised. MCNA is providing 12 months of complimentary credit monitoring and identity protection services to those affected."},{"id":"ad5cf9cb-4d1b-4d0b-adf2-d4b25f669feb","entity_name":"F5 BIG-IP - F5 BIG-IP Unspecified Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"F5 BIG-IP APM contains an unspecified vulnerability that could allow a threat actor to achieve remote code execution."},{"id":"777d50bc-61ac-4514-8bc0-25d6e9a02cb5","entity_name":"Wisconsin Department of Health Services (DHS)","reported_date":null,"state":"WI","individuals_affected":7824,"source_type":"state_ag","severity_score":50,"summary":"The Wisconsin Department of Health Services (DHS) experienced a data breach involving personal information of individuals due to an unauthorized system access. Names, dates of birth, addresses, and full or partial Social Security numbers were potentially exposed. The DHS is offering free credit monitoring and identity theft protection services."},{"id":"073b1b17-8df8-4ada-8ac5-ce49b8b81de8","entity_name":"Anthem PPO (Managed Care of North America - MCNA)","reported_date":null,"state":"WI","individuals_affected":2427847,"source_type":"state_ag","severity_score":95,"summary":"Dental insurance provider Anthem PPO (Managed Care of North America - MCNA) experienced a breach where files containing protected health information (PHI) of managed care members were acquired by an unauthorized party. The breach involved names, addresses, dates of birth, phone numbers, email addresses, Medicaid ID numbers, and dental and orthodontic health information. Social Security numbers were not involved. Anthem PPO is offering affected individuals 12 months of complimentary credit monitoring and identity protection services."},{"id":"f704e5e9-3ae7-40c0-960b-ef05208914d3","entity_name":"Cullen/Frost Bankers, Inc.","reported_date":"2026-05-14","state":"TX","individuals_affected":4698,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"d8e70455-cd26-4500-8a9e-92106b3207bd","entity_name":"Phishing Email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":70,"summary":"Suspicious emails targeting healthcare staff"},{"id":"f9034263-2ed5-47ac-84b1-3feb7c6c4e22","entity_name":"LHC Group","reported_date":"2026-05-10","state":"LA","individuals_affected":8644,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"cbbdffd6-0912-48d6-a042-d0ce750c14d9","entity_name":"Nephrology Associates Medical Group","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Nephrology Associates Medical Group"},{"id":"1136e6a4-62f8-4d00-871f-410c8fa398b5","entity_name":"Amedisys","reported_date":"2026-05-10","state":"LA","individuals_affected":9111,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"853a6328-77e5-4da6-864a-263984f3f390","entity_name":"CORPORACION DE SERVICIOS MEDICOS PRIMARIOS Y PREVENCION DE HATILLO","reported_date":"2026-05-11","state":"","individuals_affected":24236,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"5eea209f-7ab4-4bd0-8230-8f609dce7c4d","entity_name":"Siemens SICAM 8 Products","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service. Siemens has released new versions for the affected products and recommends to update to the latest versions."},{"id":"2f4d811f-2085-4400-be96-f12fb71f4133","entity_name":"Utah Telehealth Solutions","reported_date":null,"state":"UT","individuals_affected":20000,"source_type":"state_ag","severity_score":70,"summary":"A data breach at a cloud provider used by Utah Telehealth Solutions compromised patient video consultation records."},{"id":"3aee37c3-404a-4b4d-aa22-064b614ee452","entity_name":"Securian Financial","reported_date":"2026-05-05","state":"MN","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"4d0dec77-33fb-4d5d-a392-de16e2c089da","entity_name":"Medi-Rents & Sales, Inc.","reported_date":"2026-05-17","state":"MD","individuals_affected":1524,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"c02fa090-c784-4215-9c0b-2f843d5de0ac","entity_name":"Fenwick & West Group Health Plan","reported_date":"2026-05-05","state":"CA","individuals_affected":1740,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"2a96b494-4672-4847-82d7-29ea118f07fe","entity_name":"Coastal Carolina Health Care, PA","reported_date":"2026-05-11","state":"NC","individuals_affected":110304,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"f5413a41-cfed-4876-83ee-ce61d3eec495","entity_name":"Mirra Health Care LLC","reported_date":"2026-03-25","state":"FL","individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Mirra Health Care LLC jeopardized the safety of thousands of Floridians by sharing their sensitive health data with unauthorized companies overseas in India and the Philippines."},{"id":"e0d92bcf-026b-4448-85f6-bb81d7670785","entity_name":"New York City Health and Hospitals Corporation","reported_date":"2026-05-18","state":"NY","individuals_affected":1800000,"source_type":"hhs_breach","severity_score":95,"summary":""},{"id":"4d3d7c6d-d1ed-4ca1-a970-a4485277eb78","entity_name":"VirtuOx, LLC","reported_date":"2026-05-10","state":"FL","individuals_affected":621,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"3c821f7f-9279-4070-a130-036a76379e43","entity_name":"Schneider Electric Plant iT/Brewmaxx","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":70,"summary":"The affected product uses Redis, an open-source, in-memory database. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution"},{"id":"30fcefc8-aa74-491c-b8cc-cca7d6cd4665","entity_name":"Schneider Electric Plant iT/Brewmaxx","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":99,"summary":"The affected product uses Redis, an open-source, in-memory database. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution."},{"id":"98876edc-d5c7-4e83-89ce-6f39da10f523","entity_name":"QualDerm","reported_date":"2026-03-25","state":null,"individuals_affected":3100000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hackers stole personal, medical, and health insurance information from QualDerm’s internal systems, impacting 3.1 million individuals."},{"id":"5cfd28bd-a66e-4209-a3ed-1e6fb697ce74","entity_name":"Grassroots DICOM (GDCM)","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when parsing malformed DICOM files with non-standard VR types in file meta information. The vulnerability leads to vast memory allocations and resource depletion, triggering a denial-of-service condition. A maliciously crafted file can fill the heap in a single read operation without properly releasing it."},{"id":"15edb750-2b32-49be-8cb8-0b974e42c8f5","entity_name":"Schneider Electric Plant iT/Brewmaxx","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":99,"summary":"Successful exploitation of these vulnerabilities could risk privilege escalation, which could result in remote code execution."},{"id":"17647089-d9fb-40f5-a380-f8716b8f5e45","entity_name":"Grassroots DICOM (GDCM)","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":75,"summary":"Successful exploitation of this vulnerability could allow an attacker to send a specially crafted file, and when parsed, could result in a denial-of-service condition."},{"id":"3728ee3a-cc85-447d-ab08-2b707872b7c9","entity_name":"Schneider Electric EcoStruxure Foxboro DCS","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":65,"summary":"Schneider Electric is aware of a vulnerability in its EcoStruxure Foxboro DCS Control Software on Foxboro DCS workstations and servers. Control Core Services and all runtime software, like FCPs, FDCs, and FBMs, are not affected. The EcoStruxure Foxboro DCS ([https://www.se.com/ww/en/product-range/63680-ecostruxure-foxboro-dcs/](https://www.se.com/ww/en/product-range/63680-ecostruxure-foxboro-dcs/)) product is an innovative family of fault-tolerant, highly available control components, which consolidates critical information and elevates staff capabilities to ensure flawless, continuous plant operation. Failure to apply the remediation provided below may risk deserialization of untrusted data, which could result in loss of confidentiality, integrity and potential remote code execution on the compromised workstation."},{"id":"17931f5c-3d9c-4648-8683-bc935cafe059","entity_name":"Continental Casualty Company (CNA)","reported_date":"2026-05-10","state":"IL","individuals_affected":6086,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"f4be5873-9a1a-4d7f-b0d4-21b9e80bdfcb","entity_name":"Expert MRI","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Expert MRI"},{"id":"925e416a-6858-4260-b215-e05709cf4fbc","entity_name":"Rosch Visionary Systems, Inc.","reported_date":"2026-05-19","state":"NY","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"cbf7e474-7ce2-4a8f-8540-f2bdc06ef416","entity_name":"Stryker","reported_date":"2026-03-31","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Medical device giant Stryker has confirmed that a March 11 cyberattack claimed by an Iran-linked group is now contained after investigators discovered and neutralized a hidden malicious file used by the threat actors to run device wiping commands."},{"id":"ea3f1634-d0ae-49c3-8816-9128a0c660e5","entity_name":"OpenLoop Health","reported_date":"2026-03-28","state":null,"individuals_affected":3700000,"source_type":"modeled_breach","severity_score":48,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A threat actor known as \"Stuckin2019\" allegedly affected OpenLoop Health and 3.7 million patients."},{"id":"90e5dbc5-5082-48bc-b6cf-7356187d8581","entity_name":"Psychiatric Medical Care","reported_date":null,"state":"WI","individuals_affected":86000,"source_type":"state_ag","severity_score":70,"summary":"Psychiatric Medical Care, LLC reported that an unauthorized third-party gained access to its systems. The incident potentially exposed protected health information."},{"id":"98511e56-dcf0-4c84-86b6-bb7ab35567e6","entity_name":"Mays Housecall Home Health, Inc.","reported_date":"2026-05-14","state":"TX","individuals_affected":5208,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"6380672a-efd2-44c3-9d83-81bed374f44d","entity_name":"ConnectiCare, Inc.","reported_date":null,"state":"WI","individuals_affected":139500,"source_type":"state_ag","severity_score":85,"summary":"ConnectiCare, Inc., a health insurance company, reported a data breach impacting protected health information. The breach involved unauthorized access to internal systems."},{"id":"f2c334c9-53ea-49ff-b3f4-0200fdf13f0e","entity_name":"Deaconess Health System","reported_date":"2026-04-29","state":"IN","individuals_affected":8941,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"ee4762c7-abaf-4acf-b6ac-e3d1f2cc4659","entity_name":"Stockton Cardiology Medical Group","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Stockton Cardiology Medical Group"},{"id":"e2cd1b57-30f7-4938-ac6f-d49da0f72bae","entity_name":"New Hampshire Dental Practice","reported_date":null,"state":"NH","individuals_affected":3000,"source_type":"state_ag","severity_score":50,"summary":"A breach of patient billing software led to the compromise of patient financial and contact information."},{"id":"4a5d3dbc-6402-4fcc-8c53-5eb82ba6684a","entity_name":"Navia","reported_date":"2026-03-21","state":null,"individuals_affected":2700000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Hackers stole personal and health plan information from Navia's environment between late December 2025 and mid-January 2026, impacting 2.7 million individuals."},{"id":"198f1dcf-ba95-4945-a2f0-19198d6af29b","entity_name":"ChristianaCare","reported_date":null,"state":"DE","individuals_affected":2000,"source_type":"state_ag","severity_score":50,"summary":"Misconfigured server exposed patient health information online."},{"id":"1f85f77d-febc-468a-9331-2ee92e63628b","entity_name":"Wellcare Health Plans, Inc.","reported_date":null,"state":"WI","individuals_affected":55300,"source_type":"state_ag","severity_score":70,"summary":"Wellcare Health Plans, Inc., a health insurance company under Centene Corporation, reported a data breach at its third-party vendor, Medical Management Business Services (MMBS). The breach exposed protected health information."},{"id":"1a121cca-842e-4b04-8f94-27dcded8665e","entity_name":"Dental Health Associates of Madison, Ltd.","reported_date":null,"state":"WI","individuals_affected":240000,"source_type":"state_ag","severity_score":85,"summary":"Dental Health Associates of Madison, Ltd. reported a data breach impacting systems containing protected health information. The breach occurred as a result of unauthorized access to their network."},{"id":"1a51cc14-59d4-4293-89a9-3276b517e159","entity_name":"Kansas Medical Center","reported_date":null,"state":"KS","individuals_affected":95000,"source_type":"state_ag","severity_score":70,"summary":"Kansas Medical Center reported a cyberattack that disrupted their IT systems and exposed patient data. The breach affected administrative, clinical, and billing information."},{"id":"3f2e803b-923c-480c-b92f-428ace708eab","entity_name":"Seoul National University Hospital","reported_date":"2026-03-20","state":null,"individuals_affected":16000,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Patient records of approximately 16,000 individuals were partially leaked from Seoul National University Hospital due to a clerical error where a staff member mistakenly entered the wrong email address while sending an internal message."},{"id":"2cd85e6d-e4e9-4c1e-8646-ab35ef1dc0f4","entity_name":"BeyondFaith Homecare & Rehab, LLC","reported_date":"2026-04-29","state":"TX","individuals_affected":708,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"0c86780e-8ce8-46a7-a4b1-a98bfe43494e","entity_name":"Complete Eye Care dba Orem Eye Clinic","reported_date":"2026-05-11","state":"UT","individuals_affected":5800,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"a7e77523-34b2-4275-9912-b0471514f4de","entity_name":"Cisco Secure Firewall Management Center (FMC) - Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device."},{"id":"2296589c-2a06-4ad2-aef3-43b5c148f0c0","entity_name":"Deaconess Health System","reported_date":"2026-03-20","state":"KY","individuals_affected":null,"source_type":"modeled_breach","severity_score":36,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A data breach at a third-party medical records vendor exposed the personal and health information of patients at two Deaconess Health System hospitals in Western Kentucky."},{"id":"951a9b47-e729-49fd-b7f3-18c5cb120c43","entity_name":"Navia Benefit Solutions, Inc.","reported_date":"2026-05-17","state":"WA","individuals_affected":2151330,"source_type":"hhs_breach","severity_score":95,"summary":""},{"id":"e3599385-afd4-49d3-a5d0-c3eb633ed89a","entity_name":"Navia Benefit Solutions, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Navia Benefit Solutions, Inc."},{"id":"98d467e8-c487-4120-9a61-7d18d33e05a3","entity_name":"The South Alabama Regional Planning Commission","reported_date":"2026-05-11","state":"AL","individuals_affected":3043,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"9b2fe852-8270-43a7-a00c-804968fa23c1","entity_name":"Stockton Cardiology Medical Group","reported_date":"2026-05-20","state":"CA","individuals_affected":90000,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"29ddb9e1-5054-48fc-af68-6e51980924a7","entity_name":"Navia Benefit Solutions, Inc. (City of Bellevue)","reported_date":null,"state":"WA","individuals_affected":319208,"source_type":"state_ag","severity_score":85,"summary":"Breach at Navia Benefit Solutions, Inc. (City of Bellevue)"},{"id":"5188657c-e290-4427-b714-10f5377eb606","entity_name":"New Horizons Behavioral Health","reported_date":"2026-05-17","state":"GA","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"cd6cb893-67d9-4708-ba9e-465dbb9a66cc","entity_name":"Premera Blue Cross","reported_date":null,"state":"IN","individuals_affected":11000000,"source_type":"state_ag","severity_score":95,"summary":"This breach affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and affiliate brands, including Vivacity and Connection Dental. The cyberattack may have exposed names, dates of birth, addresses, telephone numbers, email addresses, Social Security numbers, bank account information, and claims information, including clinical information."},{"id":"7eae1b6e-9631-429f-8a5c-d8db5798dae6","entity_name":"OpenLoop Health, Inc.","reported_date":"2026-05-11","state":"IA","individuals_affected":716000,"source_type":"hhs_breach","severity_score":95,"summary":""},{"id":"83df0d2a-8c3e-4501-b078-1f684d28fcc3","entity_name":"Coastal Skin Surgery & Dermatology","reported_date":"2026-04-27","state":"FL","individuals_affected":6173,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"82252939-5ff1-43b7-8312-34228c203e52","entity_name":"OpenLoop Health, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"OpenLoop Health, Inc."},{"id":"569ce6e1-95c6-4076-b12e-624b48e36596","entity_name":"Cascade Eyecare Center, PC","reported_date":null,"state":"OR","individuals_affected":410,"source_type":"state_ag","severity_score":30,"summary":"Breach notification from Cascade Eyecare Center, PC."},{"id":"bf365627-a634-4972-9fba-cf56603cc411","entity_name":"Amyris Incorporated Health and Welfare Plan","reported_date":"2026-04-29","state":"CA","individuals_affected":2042,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"9d816c38-81fa-4afe-96f8-f92ffd4df7af","entity_name":"Phishing Email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":70,"summary":"Suspicious emails targeting healthcare staff"},{"id":"a87061ea-8e54-45af-82fb-27b706735e7e","entity_name":"Good Samaritan Health Center","reported_date":"2026-04-26","state":"GA","individuals_affected":10000,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"68060ad1-57b4-4607-902c-24c2548f8675","entity_name":"Volvo Welfare Benefit Plan","reported_date":"2026-05-29","state":"NC","individuals_affected":16991,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"2587ca91-30c8-49e6-9f65-75385d3067ff","entity_name":"Renovo Chiropractic & Wellness","reported_date":"2026-04-27","state":"WA","individuals_affected":538,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"0f2d15dc-3de4-4550-a7ac-044734398973","entity_name":"Walpole Area Visiting Nurse Association, Inc.","reported_date":"2026-04-27","state":"MA","individuals_affected":566,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"685fafe8-ce24-4db2-a24f-ee90257ea6e2","entity_name":"Wound Technology Network","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Wound Technology Network"},{"id":"338fd492-f7c7-4479-9439-d33d57761d01","entity_name":"MercyOne","reported_date":null,"state":"IA","individuals_affected":180000,"source_type":"state_ag","severity_score":85,"summary":"MercyOne experienced a data security incident involving an unauthorized third party accessing its network. The breach led to the exposure of patient health information, including medical history and treatment plans."},{"id":"7e7f8f7f-09af-418d-822a-a435a89ae642","entity_name":"Hawkeye Health Services","reported_date":null,"state":"IA","individuals_affected":9000,"source_type":"state_ag","severity_score":50,"summary":"Third-party billing vendor experienced a data breach affecting patient financial information."},{"id":"eb50a192-cee3-42ef-89a9-87fe7d9769a0","entity_name":"AbsoluteCare, Inc.","reported_date":null,"state":"WI","individuals_affected":29000,"source_type":"state_ag","severity_score":70,"summary":"AbsoluteCare, Inc. reported a security incident to the Attorney General, indicating a breach of protected health information."},{"id":"6007bcf9-0363-4591-8227-228e883620bc","entity_name":"MediCorp Healthcare System","reported_date":null,"state":"IL","individuals_affected":250000,"source_type":"state_ag","severity_score":85,"summary":"A ransomware attack encrypted patient records and exfiltrated sensitive data."},{"id":"13053551-2412-4c76-9c3d-a34290547d1c","entity_name":"Kaiser Foundation Health Plan, Inc.","reported_date":null,"state":"CA","individuals_affected":13400000,"source_type":"state_ag","severity_score":95,"summary":"Kaiser Foundation Health Plan, Inc. experienced a data breach where an unauthorized party gained access to their systems, potentially exposing protected health information."},{"id":"374c7b06-9683-4650-9a6e-0006ddc3354e","entity_name":"Aetna Life Insurance Company","reported_date":null,"state":"CA","individuals_affected":2000,"source_type":"state_ag","severity_score":50,"summary":"Mailing error exposed Explanation of Benefits statements for members with HIV."},{"id":"0be8b173-45c8-42ed-a759-8bc32df4a0db","entity_name":"Northern Regional Hospital","reported_date":"2026-04-27","state":"NC","individuals_affected":1575,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"dc9d6520-faf6-408f-8d7d-22bf0ad54c16","entity_name":"Dartmouth-Hitchcock Medical Center","reported_date":null,"state":"NH","individuals_affected":1500,"source_type":"state_ag","severity_score":50,"summary":"Unauthorized access to a database containing patient scheduling and contact information."},{"id":"11c95502-fac2-41b3-a039-b84e4067d576","entity_name":"Delaware Health System","reported_date":null,"state":"DE","individuals_affected":12000,"source_type":"state_ag","severity_score":70,"summary":"Server misconfiguration exposed patient demographic and limited clinical data."},{"id":"8188f68f-d3d0-4d52-9a07-1da345f012b2","entity_name":"Old Dominion Health Plan","reported_date":null,"state":"VA","individuals_affected":30000,"source_type":"state_ag","severity_score":70,"summary":"Business email compromise (BEC) incident leading to fraudulent wire transfers and exposure of employee and potentially member data."},{"id":"48f9e032-b616-4edb-ba2f-8d15b2ee5252","entity_name":"UPMC","reported_date":"2026-04-20","state":"PA","individuals_affected":687,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"b2c75aa4-2aef-441d-b304-106b883e2411","entity_name":"A Path of Care Home Health and Hospice","reported_date":"2026-04-20","state":"OK","individuals_affected":3849,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"4cea0caf-de7a-4273-bec7-dfbc3d321144","entity_name":"Wonderland Child & Family Services","reported_date":"2026-04-27","state":"WA","individuals_affected":1283,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"e583c266-c52c-4a1d-9647-0f783f53d2e3","entity_name":"Bloom Circle, Inc. d/b/a Lena Health","reported_date":"2026-04-20","state":"TX","individuals_affected":3651,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"6aefe6ea-ce39-48c0-9136-36f0dd1d8fe3","entity_name":"MedPeds Associates of Sarasota","reported_date":"2026-04-20","state":"FL","individuals_affected":22017,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"09079730-faa8-46ce-9dcf-1a1525652921","entity_name":"Ideal Home Care","reported_date":"2026-04-27","state":"OK","individuals_affected":1331,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"66ffcbe4-3288-4a3c-87ac-670447046273","entity_name":"Trinity Health","reported_date":"2026-04-26","state":"MI","individuals_affected":2740,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"a70e3f01-b7a8-44fc-b7fa-61a2cb94d8be","entity_name":"Georgia Vascual Specialists PC","reported_date":"2026-05-20","state":"GA","individuals_affected":600,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"b2a96afd-37b4-4b45-946d-aa726f92c220","entity_name":"Capital City Clinic","reported_date":null,"state":"DC","individuals_affected":10000,"source_type":"state_ag","severity_score":50,"summary":"Cyberattack on electronic medical records system."},{"id":"cf36d03e-5634-48dd-a064-46a2e03be046","entity_name":"Defense Health Agency","reported_date":"2026-04-08","state":"VA","individuals_affected":96271,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"7ae54847-d71c-471f-b49e-0372ca7ad7e1","entity_name":"Community Nurse","reported_date":"2026-04-16","state":"MA","individuals_affected":6746,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"ebdc544a-2acf-4b87-9983-e529ba60e6e1","entity_name":"Capital Health Care Network","reported_date":null,"state":"WV","individuals_affected":45000,"source_type":"state_ag","severity_score":70,"summary":"A phishing incident compromised employee email accounts, leading to unauthorized access to patient health information. The incident was discovered on March 1, 2026. Exposed data included patient names, dates of birth, and medical record numbers."},{"id":"9d39a2e9-fac2-4962-92bf-d238f1fc28ac","entity_name":"Central Ohio Urology Group","reported_date":"2026-05-04","state":"OH","individuals_affected":4234,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"a539e3bf-3e00-4456-8d97-75a61689585a","entity_name":"ModivCare Solutions, LLC","reported_date":null,"state":"WI","individuals_affected":42000,"source_type":"state_ag","severity_score":70,"summary":"ModivCare Solutions, LLC, a provider of non-emergency medical transportation and other healthcare services, experienced a data breach compromising protected health information."},{"id":"8dae2197-f9cf-4682-a60d-e453c4701cca","entity_name":"Team Select","reported_date":"2026-04-20","state":"AZ","individuals_affected":949,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"ef40d3b6-2482-4d73-84be-1dc651c913d0","entity_name":"Guardian Home Health Care, LLC","reported_date":"2026-04-16","state":"MA","individuals_affected":613,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"59e04f5d-ec10-4d12-b6fd-ec9f0390ca35","entity_name":"SSM Health","reported_date":"2026-04-20","state":"OK","individuals_affected":597,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"dd6bde22-cf99-4bce-a0a1-706fde55404e","entity_name":"NYC Health + Hospitals","reported_date":"2026-04-27","state":"NY","individuals_affected":5086,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"1d52ff8f-6676-4da1-b938-26ec5a57de7c","entity_name":"illumifin Corporation","reported_date":"2026-04-21","state":"MN","individuals_affected":5385,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"48eb319d-88c3-4b70-b14e-b99d7e653698","entity_name":"Hartford HealthCare","reported_date":null,"state":"CT","individuals_affected":6000,"source_type":"state_ag","severity_score":50,"summary":"Third-party billing vendor experienced a data breach exposing patient financial and personal information."},{"id":"48f4abed-efb0-4681-aabb-76988c47e797","entity_name":"Connect Health","reported_date":null,"state":"AR","individuals_affected":8500,"source_type":"state_ag","severity_score":50,"summary":"Unauthorized access to patient records due to a misconfigured server. Data accessed includes patient demographics and treatment plans."},{"id":"5219027d-e7c0-4a7f-becc-ca2f9a57e1dc","entity_name":"Acme Healthcare System","reported_date":null,"state":"IL","individuals_affected":15000,"source_type":"state_ag","severity_score":70,"summary":"Unauthorized access to patient records due to a phishing attack."},{"id":"2547796e-94ee-402a-969e-793cd72bf908","entity_name":"Old Dominion Health Tech","reported_date":null,"state":"VA","individuals_affected":45000,"source_type":"state_ag","severity_score":70,"summary":"Vulnerability in a patient portal allowed unauthorized access to user accounts."},{"id":"33d7dd20-e37d-4cee-a161-f954a453bc79","entity_name":"Delta Medical Systems","reported_date":"2026-04-21","state":"WI","individuals_affected":1574,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"7688691d-55cd-491b-a17a-bd9b1df3c887","entity_name":"Orion Dental Specialists","reported_date":null,"state":"MI","individuals_affected":24000,"source_type":"state_ag","severity_score":70,"summary":"Unauthorized access to network server affecting patient data."},{"id":"b8f3f193-c004-4170-986e-7ed204b6dc2c","entity_name":"Capital City Pharmacy","reported_date":null,"state":"VA","individuals_affected":55000,"source_type":"state_ag","severity_score":70,"summary":"A third-party vendor experienced a data breach impacting pharmacy customer data."},{"id":"3e56a6a4-049b-44ad-aeb1-648355a76840","entity_name":"Massachusetts General Hospital","reported_date":null,"state":"MA","individuals_affected":150000,"source_type":"state_ag","severity_score":85,"summary":"A ransomware attack impacted several clinical systems, leading to the encryption and potential exfiltration of patient records."},{"id":"262ddabe-e860-4448-b0af-2ed2066bfec0","entity_name":"Nevada Family Dentistry","reported_date":null,"state":"NV","individuals_affected":1000,"source_type":"state_ag","severity_score":30,"summary":"A ransomware attack encrypted patient records, including names, contact information, and dental histories."},{"id":"8fa0cb67-d020-4ef9-8e0f-8ad5cee7e165","entity_name":"Rhode Island Medical Center","reported_date":null,"state":"RI","individuals_affected":2000,"source_type":"state_ag","severity_score":50,"summary":"Employee theft of a laptop containing unencrypted patient data."},{"id":"198cc463-c2c8-4614-bc04-37778657d49c","entity_name":"Ascension","reported_date":null,"state":"IN","individuals_affected":100000,"source_type":"state_ag","severity_score":70,"summary":"Hackers gained unauthorized access to patient data, which included names, dates of birth, addresses, and certain medical information."},{"id":"db2865c0-bb77-4ece-81e9-daf33fbf22c9","entity_name":"Regional Medical Center","reported_date":null,"state":"AL","individuals_affected":25000,"source_type":"state_ag","severity_score":70,"summary":"Unknown party gained unauthorized access to systems containing patient information."},{"id":"5c0d6b34-0e3e-46d2-bb7d-c083dc6ee2b5","entity_name":"Prairie State Health Plan","reported_date":null,"state":"MN","individuals_affected":30000,"source_type":"state_ag","severity_score":70,"summary":"Third-party vendor data breach impacted member information hosted on their servers."},{"id":"5e3fbf32-b003-4cb4-85c7-62cf90122d21","entity_name":"Medi-Data Inc.","reported_date":null,"state":"FL","individuals_affected":15000,"source_type":"state_ag","severity_score":70,"summary":"Unauthorized access to patient scheduling system, potentially compromising appointments and basic contact information."},{"id":"bf9e2109-c60e-4d5f-8080-19cba8e7c18f","entity_name":"Michigan Primary Care Network","reported_date":null,"state":"MI","individuals_affected":120000,"source_type":"state_ag","severity_score":85,"summary":"Malware infection on servers resulted in data compromise."},{"id":"5c4fe214-d3ba-448c-85a3-00a2142401db","entity_name":"Community Health Action of Staten Island","reported_date":"2026-04-21","state":"NY","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"6921ec84-057e-4b4b-9370-a7522b8438d5","entity_name":"Ivanti  Endpoint Manager (EPM) - Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data."},{"id":"52ed8751-680c-4461-a5ed-ef758e8cde3e","entity_name":"Omnissa Workspace One UEM - Omnissa Workspace ONE Server-Side Request Forgery","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery (SSRF) vulnerability that could allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information."},{"id":"18b67e80-c8d3-406b-a479-4c578a85ef1b","entity_name":"Metropolitan Life Insurance Company","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare related data breach."},{"id":"731eebd4-c8d7-4869-a63d-76780d2e8f9d","entity_name":"Suspicious Call","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Calls attempting to obtain sensitive information"},{"id":"5ddd12c7-ce15-458e-b98a-411a4bb52b4f","entity_name":"Tampa Bay Dental Implants & Periodontics","reported_date":"2026-05-17","state":"FL","individuals_affected":6400,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"ca1c6101-133e-49f9-b123-04b9c89bbec9","entity_name":"Indiana Department of Child Services","reported_date":null,"state":"IN","individuals_affected":160000,"source_type":"state_ag","severity_score":85,"summary":"Information about the Indiana Department of Child Services breach is available on the Attorney General website."},{"id":"888008c3-2a52-4f23-b520-5a78a8355ec8","entity_name":"North Texas Behavioral Health Authority","reported_date":"2026-04-20","state":"TX","individuals_affected":285086,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"daa25788-18e3-42d1-95b5-209fabcb129a","entity_name":"Barrio Comprehensive Family Health Care Center","reported_date":"2026-04-21","state":"TX","individuals_affected":19971,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"73de4b2d-b05a-4d57-9914-45312d89dc14","entity_name":"Metrocare","reported_date":"2026-05-15","state":"TX","individuals_affected":602,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"cf146054-3ac9-4c65-abc1-14eaa07d7f3e","entity_name":"Cognizant TriZetto","reported_date":"2026-03-19","state":null,"individuals_affected":3400000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. TriZetto Provider Solutions, a healthcare IT company, suffered a data breach exposing sensitive information of over 3.4 million patients."},{"id":"2b67d2f7-ba2d-4e6e-881b-743b079dc79e","entity_name":"Saint Anthony Hospital","reported_date":"2026-04-20","state":"IL","individuals_affected":146108,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"3022ef98-4d89-4e7a-b0b5-2673539fa35b","entity_name":"Cedar Valley Hospice","reported_date":"2026-04-21","state":"IA","individuals_affected":10666,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"ca2caab4-4b10-4841-883a-bd17f453bbdb","entity_name":"County of Murray dba Murray County Medical Center","reported_date":"2026-04-20","state":"MN","individuals_affected":5073,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"18089ffa-af21-43e8-a39e-81c10e82cd40","entity_name":"Exclusive Physicians PLLC","reported_date":"2026-04-21","state":"MI","individuals_affected":58000,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"4a5de1d5-a76b-4c85-bdd6-979b2908f0be","entity_name":"Colorado Allergy & Asthma Centers, P.C.","reported_date":"2026-04-16","state":"CO","individuals_affected":2063,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"5e8bd923-61d8-4680-96d1-f386fa713a8b","entity_name":"Mountain State Dental Group","reported_date":null,"state":"WV","individuals_affected":900,"source_type":"state_ag","severity_score":30,"summary":"A former employee retained unauthorized access to patient scheduling and billing systems at Mountain State Dental Group after termination."},{"id":"a281050f-f2ce-45c4-a231-668885a377cc","entity_name":"Elite Dental Associates","reported_date":null,"state":"IN","individuals_affected":15000,"source_type":"state_ag","severity_score":70,"summary":"Elite Dental Associates experienced a security incident that led to the exposure of patient names, contact information, dental records, and billing information."},{"id":"d7f041d9-0481-4403-822b-cc9468657c9c","entity_name":"Insightin Health, Inc. (Centene Corporation)","reported_date":null,"state":"WA","individuals_affected":11740,"source_type":"state_ag","severity_score":70,"summary":"Data breach notification from Insightin Health, Inc. (Centene Corporation)"},{"id":"fa82730f-d093-4eef-93da-da63688741f4","entity_name":"Insightin Health, Inc.","reported_date":null,"state":"OR","individuals_affected":1144686,"source_type":"state_ag","severity_score":95,"summary":"Breach notification from Insightin Health, Inc."},{"id":"2a514fb5-3f52-4798-a623-1d7b9221dace","entity_name":"Hoosier Health System","reported_date":null,"state":"IN","individuals_affected":200000,"source_type":"state_ag","severity_score":85,"summary":"Hoosier Health System reported a ransomware attack that resulted in the encryption of their electronic medical records and temporary disruption of services."},{"id":"f7d904aa-cebf-4745-aca5-8b0fd973e4c0","entity_name":"Tar Heel Health Alliance","reported_date":null,"state":"NC","individuals_affected":90000,"source_type":"state_ag","severity_score":70,"summary":"Malware incident affected systems holding patient treatment and billing information."},{"id":"8c619dad-b553-4727-ab8c-243a4b3dcd09","entity_name":"Magnolia Health System","reported_date":null,"state":"MS","individuals_affected":80000,"source_type":"state_ag","severity_score":70,"summary":"Third-party vendor data breach impacted patient scheduling and billing systems."},{"id":"5babbccf-3c27-4b01-bd6c-d858fcb41794","entity_name":"Tieu Dental Corporation","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare related data breach."},{"id":"73dac731-2dfe-4b98-ba48-c4c75f56ff54","entity_name":"Greenway Health, LLC","reported_date":null,"state":"WI","individuals_affected":200000,"source_type":"state_ag","severity_score":85,"summary":"Greenway Health, LLC, a health information technology vendor, experienced a data breach affecting multiple healthcare entities. The breach involved unauthorized access to electronic health records."},{"id":"e1c1cf33-cde1-4a61-b061-37475c7b6148","entity_name":"Northwest Medical Homes, LLC","reported_date":null,"state":"OR","individuals_affected":98527,"source_type":"state_ag","severity_score":70,"summary":"Breach notification from Northwest Medical Homes, LLC."},{"id":"cc9c4d57-29a6-4c7b-97df-09bf2c1711d8","entity_name":"Great Lakes Health System","reported_date":null,"state":"MI","individuals_affected":80000,"source_type":"state_ag","severity_score":70,"summary":"A phishing incident at Great Lakes Health System compromised employee email accounts, exposing patient data contained within those accounts."},{"id":"999d373b-5301-4629-9cc8-c320a39716ad","entity_name":"Tar Heel Mental Wellness Center","reported_date":null,"state":"NC","individuals_affected":12000,"source_type":"state_ag","severity_score":70,"summary":"Security misconfiguration on a patient portal allowed unauthorized access to therapy session notes."},{"id":"69160163-b967-4822-b0b4-af39f789c820","entity_name":"Tieu Dental Corporation","reported_date":"2026-04-13","state":"CA","individuals_affected":8918,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"6c5467f1-04c0-4b78-a767-ad508b2abbc3","entity_name":"Longevity Health Plan","reported_date":"2026-04-16","state":"FL","individuals_affected":15000,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"3718053b-39d9-4cbc-9108-3a150697ad4a","entity_name":"Dermatology Associates","reported_date":"2026-04-08","state":"KY","individuals_affected":63657,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"f91b2dc9-b27f-4c84-b454-2af943da06cf","entity_name":"21st Century Oncology","reported_date":null,"state":"WI","individuals_affected":2200000,"source_type":"state_ag","severity_score":95,"summary":"21st Century Oncology announced a data breach that exposed patient information following unauthorized access to its network database. The compromised data includes names, social security numbers, insurance information, and medical diagnoses."},{"id":"d5782d77-cfb0-4169-90a9-188689cc8244","entity_name":"Brown Advisory LLC","reported_date":null,"state":"WA","individuals_affected":2,"source_type":"state_ag","severity_score":30,"summary":"Data breach"},{"id":"02941429-bd51-4170-acbc-eb28b09f9a14","entity_name":"Clement Manor","reported_date":null,"state":"OR","individuals_affected":16046,"source_type":"state_ag","severity_score":70,"summary":"Breach notification from Clement Manor."},{"id":"671ca3bd-addc-49a5-a292-39670c319401","entity_name":"Broadcom VMware Aria Operations - Broadcom VMware Aria Operations Command Injection Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Broadcom VMware Aria Operations formerly known as vRealize Operations (vROps) contains a command injection vulnerability that allows an unauthenticated attacker to execute arbitrary commands, potentially leading to remote code execution during support‑assisted product migration."},{"id":"11dd236f-602f-4c7b-9626-9747a46bdeb0","entity_name":"Suspicious Call","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":50,"summary":"Calls attempting to obtain sensitive information"},{"id":"268d9c3d-fa19-4bc5-b22c-bd6733448004","entity_name":"Houston Dermatology Specialists","reported_date":"2026-05-19","state":"TX","individuals_affected":648,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"c658d2a9-6996-4cf4-9c64-e890038af08f","entity_name":"Kin Counseling Services PLLC","reported_date":"2026-04-13","state":"CO","individuals_affected":500,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"19bbcbf2-a0ba-44ce-b715-3a23440963d0","entity_name":"Valley Radiology Consultants Medical Group","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare related data breach."},{"id":"0a4d5dee-1d1b-4ec0-a0b5-7d3dd933a0af","entity_name":"Palo Verde Hospital","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare related data breach."},{"id":"0addbbb6-0028-498c-bc14-fb4eab8ed148","entity_name":"City Health, a medical corporation","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"This is a healthcare related data breach notification."},{"id":"ffe25c31-0b48-4200-972e-2a7cc6381d41","entity_name":"University of Iowa Hospitals & Clinics","reported_date":null,"state":"WI","individuals_affected":16000,"source_type":"state_ag","severity_score":70,"summary":"The University of Iowa Hospitals & Clinics announced a breach after an employee downloaded a file containing patient information to a personal computer. The data included names, addresses, dates of birth, and medical record numbers."},{"id":"278fccc8-e83e-4f2b-a9e5-ce199cc393f3","entity_name":"New York Life","reported_date":null,"state":"ND","individuals_affected":80920,"source_type":"state_ag","severity_score":70,"summary":"Impacted individuals received a notice from New York Life, which experienced a data breach stemming from a MOVEit Transfer attack, where an unauthorized third party exploited a vulnerability to access files."},{"id":"1c0159cd-e9d6-4429-b4c0-477621f93e5e","entity_name":"Connecticut Dental Group","reported_date":null,"state":"CT","individuals_affected":8000,"source_type":"state_ag","severity_score":50,"summary":"Ransomware attack encrypted patient dental records."},{"id":"cadac82f-59b9-4339-a349-ab5af090eaa2","entity_name":"Community Health Systems (CHS) - Multiple Hospitals","reported_date":null,"state":"TX","individuals_affected":150000,"source_type":"state_ag","severity_score":85,"summary":"A cybersecurity incident affected multiple CHS-affiliated hospitals, leading to the exposure of patient data."},{"id":"728bb59c-ca8c-44ab-a2aa-da97c806bb5d","entity_name":"DentalWorks of Austin","reported_date":null,"state":"TX","individuals_affected":2100,"source_type":"state_ag","severity_score":50,"summary":"Third-party vendor data breach exposed patient names, addresses, and dental records due to a vulnerability in their practice management software."},{"id":"2d10fc5f-4ef5-43fa-9542-8a847eebf14f","entity_name":"Eli Lilly and Company","reported_date":null,"state":"IN","individuals_affected":10000,"source_type":"state_ag","severity_score":50,"summary":"Third-party vendor data breach impacting patient program information."},{"id":"c702d739-85db-423c-9826-9ecf693f494f","entity_name":"Evergreen Pharmacy","reported_date":null,"state":"WA","individuals_affected":10000,"source_type":"state_ag","severity_score":50,"summary":"Pharmacy system vulnerability exploited, exposing prescription data."},{"id":"95f1814e-dbdf-4e02-854c-d0a712d3cb3e","entity_name":"Maryland Psychiatric Associates","reported_date":null,"state":"MD","individuals_affected":3000,"source_type":"state_ag","severity_score":50,"summary":"Unauthorized access to an electronic health record system due to weak authentication."},{"id":"dc5955cb-8c82-40e7-9d8c-d3cb01ffdd8b","entity_name":"Cornhusker Clinic","reported_date":null,"state":"NE","individuals_affected":2500,"source_type":"state_ag","severity_score":50,"summary":"Loss of unencrypted portable device containing patient demographics."},{"id":"fb8e4c7e-8a3a-486e-8cc0-d4ae23553cc5","entity_name":"PharMerica","reported_date":null,"state":"WI","individuals_affected":5800000,"source_type":"state_ag","severity_score":95,"summary":"In April 2023, PharMerica, a pharmacy services provider, experienced a data breach impacting a significant number of individuals. The breach exposed names, dates of birth, social security numbers, and medication information. The nature of the breach was described as an 'external system breach'."},{"id":"539f0346-ba1a-424a-87d6-1206c9eccaeb","entity_name":"Bluegrass Pharmacy Solutions","reported_date":null,"state":"KY","individuals_affected":80000,"source_type":"state_ag","severity_score":70,"summary":"Ransomware attack encrypted patient and employee data."},{"id":"fa014ea3-772e-4e61-aef3-aaa796a1dc24","entity_name":"North Dakota Rural Health","reported_date":null,"state":"ND","individuals_affected":15000,"source_type":"state_ag","severity_score":70,"summary":"Email compromise due to weak password practices, leading to PHI exposure."},{"id":"65251297-3fe7-494e-a70d-002d73d89aef","entity_name":"Dignity Dental (AR)","reported_date":null,"state":"AR","individuals_affected":12000,"source_type":"state_ag","severity_score":70,"summary":"Unauthorized access to patient records due to a phishing incident."},{"id":"7cee6c84-3e68-40ec-acb5-29dca03ac8f2","entity_name":"New Hampshire Dental Group","reported_date":null,"state":"NH","individuals_affected":8000,"source_type":"state_ag","severity_score":50,"summary":"Phishing attack compromising email accounts, exposing patient dental records and insurance details."},{"id":"a793bed6-9b1f-414c-9c0d-13e01b90896f","entity_name":"CVS Health (Accredited Specialty Pharmacy)","reported_date":null,"state":"TX","individuals_affected":75000,"source_type":"state_ag","severity_score":70,"summary":"Misconfigured server exposed patient data without authorization."},{"id":"e96e78ce-dc7f-4a88-bc2c-2efe7a85a8f3","entity_name":"Bayou Medical Group","reported_date":null,"state":"LA","individuals_affected":90000,"source_type":"state_ag","severity_score":70,"summary":"A cyberattack targeting an electronic health record system resulted in data exfiltration."},{"id":"f89a4426-2a63-4489-b648-39e8af0c8d65","entity_name":"SwiftHealth","reported_date":null,"state":null,"individuals_affected":500000,"source_type":"ftc_breach","severity_score":85,"summary":"SwiftHealth, a telehealth platform, faced FTC enforcement for failing to adequately protect mental health data and for deceptive practices related to data sharing. The company was ordered to pay a penalty and establish a robust data security and privacy program. The settlement emphasizes the importance of clear disclosures about data handling practices, especially for sensitive mental health information."},{"id":"3b0246cd-3dd5-4742-b5ac-492a31cbbc11","entity_name":"Pelican State Healthcare","reported_date":null,"state":"LA","individuals_affected":40000,"source_type":"state_ag","severity_score":70,"summary":"Third-party vendor data breach exposed patient demographic and billing information."},{"id":"337d08c0-47b1-4f7e-9ce2-3815412ae58e","entity_name":"Catholic Health","reported_date":null,"state":"NY","individuals_affected":4500,"source_type":"state_ag","severity_score":50,"summary":"Phishing attack led to unauthorized access to employee email accounts containing patient data."},{"id":"db2dc65a-b0de-4ee9-a990-8a3e0b5801ae","entity_name":"Commonwealth Health Services","reported_date":null,"state":"VA","individuals_affected":40000,"source_type":"state_ag","severity_score":70,"summary":"Phishing attack resulting in compromised employee email accounts containing patient data."},{"id":"4a89aaad-92e7-4f10-900f-3f1f192f9ca4","entity_name":"Magnolia Pharmacy Services","reported_date":null,"state":"MS","individuals_affected":8000,"source_type":"state_ag","severity_score":50,"summary":"Insider threat incident where an employee illicitly accessed and downloaded patient prescription data."},{"id":"296c7a0c-a723-4d49-9f80-11c2ff20e0b5","entity_name":"Insurance ACE/Humana Inc.","reported_date":"2026-04-02","state":"KY","individuals_affected":1000,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"94c13545-080e-4d8c-9c00-28fe61ba39ea","entity_name":"Access Information Management Shared Services, LLC","reported_date":"2026-05-13","state":"MA","individuals_affected":1522,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"7db5f837-049b-44ee-9548-cdcf7be7a8fc","entity_name":"Greater Boston Urology","reported_date":"2026-04-29","state":"MA","individuals_affected":4717,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"150f923c-83b5-4ec0-a85f-8536084a998a","entity_name":"EyeMed Vision Care LLC","reported_date":null,"state":"WI","individuals_affected":2100000,"source_type":"state_ag","severity_score":95,"summary":"EyeMed Vision Care LLC, a vision benefits company, reported a data breach that allowed unauthorized access to member information. The breach originated from a phishing incident."},{"id":"72328b5f-ac86-4e08-badf-33b4e032db73","entity_name":"Sunflower Health Tech","reported_date":null,"state":"KS","individuals_affected":60000,"source_type":"state_ag","severity_score":70,"summary":"Sunflower Health Tech, a health-tech company, suffered a supply chain attack impacting their software, leading to a breach of integrated client data."},{"id":"26bb2880-3843-410a-8f98-54d7d955bb69","entity_name":"Midwest Medical Insurance","reported_date":null,"state":"OH","individuals_affected":250000,"source_type":"state_ag","severity_score":85,"summary":"Third-party vendor data breach exposed customer insurance information."},{"id":"a7b96d21-7799-4715-8768-cc68f581eeaa","entity_name":"Capital Health","reported_date":null,"state":"NJ","individuals_affected":200000,"source_type":"state_ag","severity_score":85,"summary":"Ransomware attack compromised patient data, including clinical and billing information."},{"id":"dacd8615-2ebb-4ab9-a947-8d0431606e28","entity_name":"University of California, San Francisco","reported_date":null,"state":"CA","individuals_affected":1200000,"source_type":"state_ag","severity_score":95,"summary":"UCSF reported a data breach impacting patient data due to a cybersecurity incident affecting third-party vendor systems."},{"id":"de208971-70fd-4c3a-a2cb-1f8bfbf331bd","entity_name":"Delta Dental of Indiana","reported_date":null,"state":"IN","individuals_affected":500000,"source_type":"state_ag","severity_score":85,"summary":"Third-party vendor data breach. Patient names, addresses, dates of birth, Social Security numbers, and health information were potentially exposed."},{"id":"fc9315fa-696f-4436-adee-0aff52e24aba","entity_name":"Indiana University Health","reported_date":null,"state":"IN","individuals_affected":75000,"source_type":"state_ag","severity_score":70,"summary":"Indiana University Health detected unauthorized access to an internal database containing patient information. The breach was quickly contained, but certain patient demographics and appointment details were exposed."},{"id":"181a05b5-9e55-45a6-a702-d5fc3d089033","entity_name":"Midwest Health Alliance","reported_date":null,"state":"IN","individuals_affected":180000,"source_type":"state_ag","severity_score":85,"summary":"Third-party vendor data breach impacting patient scheduling and billing systems."},{"id":"df749a2b-c06d-4d03-8a6e-78d2ef4fab2b","entity_name":"Welltok, Inc.","reported_date":null,"state":"ND","individuals_affected":8490318,"source_type":"state_ag","severity_score":95,"summary":"Impacted individuals received a notice from Welltok, which experienced a data breach stemming from a MOVEit Transfer attack, where an unauthorized third party exploited a vulnerability to access files."},{"id":"a933217a-a627-42d2-b294-42b2ee47b185","entity_name":"Drivestream Inc.","reported_date":null,"state":"WA","individuals_affected":505,"source_type":"state_ag","severity_score":30,"summary":"Breach at Drivestream Inc."},{"id":"822651af-00fb-4e61-a880-33de83d0efd0","entity_name":"PIH Health, Inc.","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare related data breach."},{"id":"dc8db8a4-69bc-4110-80b1-7b20960dabff","entity_name":"Nuance Communications (Business Associate of Geisinger Health)","reported_date":"2026-03-17","state":null,"individuals_affected":1200000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A former Nuance Communications employee illegally accessed more than 1.2 million Geisinger patient records after his employment was terminated."},{"id":"7f8f9aad-7efc-47c4-91ed-fd510e96dbae","entity_name":"Oscar Health, Inc., on behalf of its affiliated covered entities: Oscar Health Plan, Inc.; Oscar Insurance Company of Florida; Oscar Health Plan of Ge","reported_date":"2026-04-02","state":"NY","individuals_affected":91350,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"2a90954d-2284-4531-9b8b-d6e45599eeff","entity_name":"Lakeside Pediatrics & Adolescent Medicine, PLLC","reported_date":null,"state":"WA","individuals_affected":1314,"source_type":"state_ag","severity_score":50,"summary":"Breach at Lakeside Pediatrics & Adolescent Medicine, PLLC"},{"id":"d6dcc932-27b4-4096-9767-66b861a66d6d","entity_name":"French Health Ministry (via third-party vendor)","reported_date":"2026-03-19","state":null,"individuals_affected":15000000,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Administrative details and medical notes of over 15 million people in France were hacked due to a breach involving third-party vendors/business associates."},{"id":"e92c1d07-76b6-4271-8114-92d67f287e7c","entity_name":"Nephrology Associates Medical Group, Inc","reported_date":"2026-04-06","state":"CA","individuals_affected":4631,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"6fb61937-c75a-4e85-b025-80ab34e28e22","entity_name":"Boston Mountain Rural Health Center, Inc.","reported_date":"2026-04-06","state":"AR","individuals_affected":4800,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"e28bd2f9-6545-47d7-adc3-7f89d597ad39","entity_name":"Jackson Hospital and Clinic","reported_date":"2026-04-06","state":"AL","individuals_affected":13910,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"59772fb9-3d1c-48bd-ae26-fc4801822ab3","entity_name":"Aetna","reported_date":"2026-04-09","state":"CT","individuals_affected":775,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"d251f28b-2a33-433c-a13e-7d5643e9642e","entity_name":"MediMap","reported_date":"2026-03-16","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. MediMap, a medication management platform in New Zealand used by providers in aged care, disability services, hospices, and community health, went offline after hackers breached its system and reportedly changed some patient details."},{"id":"8dd13e0b-f6e4-4cad-bdca-b515e9d80514","entity_name":"Geisinger Health","reported_date":"2026-03-16","state":null,"individuals_affected":1200000,"source_type":"modeled_breach","severity_score":60,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. A former Nuance employee, a business associate of Geisinger Health, admitted breaching more than 1.2 million Geisinger patient records after his employment was terminated but he still had access."},{"id":"379c1645-3556-4aa7-afe7-1e3b0d6e3905","entity_name":"Orthopaedic Institute of Western Kentucky","reported_date":"2026-04-27","state":"KY","individuals_affected":11474,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"4a570e61-9b59-4d5a-9a6c-27189bba3530","entity_name":"French Health Ministry","reported_date":"2026-03-16","state":null,"individuals_affected":15000000,"source_type":"modeled_breach","severity_score":54,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. France's health ministry reported that administrative details and medical notes on more than 15 million people were hacked."},{"id":"60943a4a-8a21-4d80-a34e-21d58021bcb4","entity_name":"Lakeside Pediatrics & Adolescent Medicine, PLLC","reported_date":"2026-04-06","state":"ID","individuals_affected":34154,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"f8bf3d32-f41e-4f9a-b035-e8eaf6f5382e","entity_name":"CenterWell ACE/Home Solutions","reported_date":"2026-04-02","state":"KY","individuals_affected":9651,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"5d4f91d0-acac-4ac6-b4ab-5d85111b640a","entity_name":"third-party vendors","reported_date":"2026-03-16","state":null,"individuals_affected":15000000,"source_type":"modeled_breach","severity_score":48,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. Administrative details and medical notes on more than 15 million people in France were hacked due to third-party vendors/business associates."},{"id":"c98f69e2-83f8-4658-ab3c-26e53524cb17","entity_name":"New American Funding, LLC (Figure Lending, LLC had incident)","reported_date":null,"state":"WA","individuals_affected":699,"source_type":"state_ag","severity_score":30,"summary":"Breach affecting New American Funding, LLC (Figure Lending, LLC had incident) reported on 2026-02-27, impacting 699 individuals. Data exposed includes Name, Social Security Number, Financial & Banking Information, and Full Date of Birth."},{"id":"791e4632-5f3e-4115-85ef-74bac6088259","entity_name":"Providence St. Joseph Orange","reported_date":"2026-04-27","state":"CA","individuals_affected":11329,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"de43c4cb-d1f3-46f2-afde-e6e4a8c42886","entity_name":"IPPC Inc., IPPC of New York LLC, and Innovative Pharmacy LLC (collectively “IPPC”)","reported_date":"2026-04-08","state":"NJ","individuals_affected":133862,"source_type":"hhs_breach","severity_score":85,"summary":""},{"id":"73d46bdc-8a71-40f0-8b12-4abcdf43bd8a","entity_name":"BMG of Kansas, Inc.","reported_date":"2026-03-23","state":"KS","individuals_affected":1327,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"32286ee2-e714-46f6-93a1-ee074b9951bf","entity_name":"Manhattan Retirement Foundation d/b/a Meadowlark Hills","reported_date":"2026-03-11","state":"KS","individuals_affected":14442,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"df20cc78-e047-4377-b65b-4e8af0d3c100","entity_name":"AltaMed Health Services Corporation","reported_date":"2026-03-23","state":"CA","individuals_affected":501,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"47931e40-54f0-4a93-bb5b-7de35e030dae","entity_name":"Bolt Solutions Inc. (“bolt”)","reported_date":null,"state":"WA","individuals_affected":140249,"source_type":"state_ag","severity_score":85,"summary":"Breach affecting Bolt Solutions Inc. (“bolt”) reported on 2026-02-26, impacting 140249 individuals. Data exposed includes Name and Full Date of Birth."},{"id":"f3fdc12d-3ca5-45c1-9b44-6751720cc3d0","entity_name":"University of Michigan Health Plan","reported_date":"2026-04-06","state":"MI","individuals_affected":2315,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"bb03935a-9114-472e-9ee0-b4d796e01b64","entity_name":"Premera Blue Cross","reported_date":null,"state":"ME","individuals_affected":11000000,"source_type":"state_ag","severity_score":95,"summary":"Cyberattack on Premera Blue Cross systems resulted in exposure of personal and medical information belonging to 11 million members. This included clinical information, financial data, and Social Security numbers."},{"id":"2dcccc89-a266-4f33-823e-58b770f45881","entity_name":"Commonwealth Care Alliance","reported_date":"2026-03-18","state":"MA","individuals_affected":634,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"0a577bcc-e2e0-4eeb-a85e-93385800fa63","entity_name":"Cisco SD-WAN - Cisco SD-WAN Path Traversal Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user."},{"id":"f2de6e87-12df-45e3-a422-9f29cbb2c98d","entity_name":"Pyramid Global Hospitality (Pyramid Advisors Limited Partnership)","reported_date":null,"state":"WA","individuals_affected":3434,"source_type":"state_ag","severity_score":50,"summary":"Breach at Pyramid Global Hospitality (Pyramid Advisors Limited Partnership)"},{"id":"1f0020b0-b257-47a5-bd2c-d52bc99c8373","entity_name":"UFP Technologies","reported_date":"2026-03-16","state":null,"individuals_affected":null,"source_type":"modeled_breach","severity_score":40,"summary":"⚡ Projected from news reports · Not yet confirmed by HHS. UFP Technologies, an American manufacturer of medical devices, disclosed that a cybersecurity incident compromised its IT systems and data."},{"id":"d7bcd06d-1b4b-40f3-a691-102a72d19826","entity_name":"CommonSpirit Health (Pinnacle Holdings, LTD)","reported_date":null,"state":"WA","individuals_affected":19027,"source_type":"state_ag","severity_score":70,"summary":"Breach at CommonSpirit Health (Pinnacle Holdings, LTD)"},{"id":"bc63374f-2f53-4df0-91a8-2dc321522fa7","entity_name":"Cisco Catalyst SD-WAN Controller and Manager - Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability","reported_date":null,"state":null,"individuals_affected":null,"source_type":"cisa_advisory","severity_score":60,"summary":"Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric."},{"id":"5bb7737a-d0f5-4291-96d0-96970f0ba4b6","entity_name":"Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Healthcare related data breach."},{"id":"d7c4f0d9-595d-4055-b67b-09ab5643c236","entity_name":"Prairie View Healthcare, Inc.","reported_date":"2026-04-02","state":"OK","individuals_affected":700,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"643be2ee-9260-4a2b-b97d-9af15fcfb7bf","entity_name":"Adapt Oregon Health Care","reported_date":null,"state":"OR","individuals_affected":2908,"source_type":"state_ag","severity_score":50,"summary":"Breach notification from Adapt Oregon Health Care."},{"id":"6aa98c61-b695-4b54-9391-a607dc1d8a41","entity_name":"AccentCare","reported_date":"2026-04-02","state":"TX","individuals_affected":19772,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"57061d6a-636d-4075-a81f-8b39a5365f14","entity_name":"Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group","reported_date":"2026-03-23","state":"WA","individuals_affected":11795,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"00406c7e-ab9a-4d76-bb82-d0c01e8e6e83","entity_name":"HealthEC LLC","reported_date":null,"state":"ND","individuals_affected":4479116,"source_type":"state_ag","severity_score":95,"summary":"Impacted individuals received a notice from HealthEC LLC, which experienced a data breach where an unauthorized third party accessed its network."},{"id":"9b72cf17-c10a-45a6-87a6-74201316fc89","entity_name":"QualDerm Partners, LLC","reported_date":null,"state":"OR","individuals_affected":3117874,"source_type":"state_ag","severity_score":95,"summary":"Breach notification from QualDerm Partners, LLC."},{"id":"e6a02950-4010-4e83-87c3-b1479c524dac","entity_name":"Weill Cornell Medicine","reported_date":"2026-03-18","state":"NY","individuals_affected":516,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"d076b838-67b8-4d8f-9038-768fe0045e2b","entity_name":"QualDerm Partners, LLC","reported_date":"2026-03-23","state":"TN","individuals_affected":3117874,"source_type":"hhs_breach","severity_score":95,"summary":""},{"id":"d05b9374-ad0e-4db4-bfeb-7f9bf227b8f8","entity_name":"21st Century Oncology","reported_date":null,"state":"WI","individuals_affected":2200000,"source_type":"state_ag","severity_score":95,"summary":"21st Century Oncology discovered a data breach affecting patient information. The exposed data includes names, Social Security numbers, physician names, diagnoses, and treatment information. The company learned of the breach from the FBI, which had identified that a third-party had illegally accessed patient data. The company provides cancer care services."},{"id":"a479e7fe-768b-48ca-929a-a4b47af0980a","entity_name":"Workers Compensation Insurance Rating Bureau of California","reported_date":null,"state":"CA","individuals_affected":null,"source_type":"state_ag","severity_score":30,"summary":"Unknown healthcare-related data breach."},{"id":"675929e4-886f-41d1-a454-0da26daaada7","entity_name":"Phishing Email","reported_date":null,"state":null,"individuals_affected":null,"source_type":"internal_incident","severity_score":70,"summary":null},{"id":"a8b803f9-0b6a-45f9-98be-61f0a5bfcc44","entity_name":"The Center for Advanced Eye Care","reported_date":"2026-03-23","state":"ME","individuals_affected":9300,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"f97d021d-bb5e-4a4b-9250-f5c9dd8b3fe8","entity_name":"Option Care Health, Inc.","reported_date":"2026-03-23","state":"IL","individuals_affected":2086,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"eec55fb3-9d3f-4889-abcb-56f5daaa8f04","entity_name":"Humana Inc.","reported_date":null,"state":"WI","individuals_affected":100000,"source_type":"state_ag","severity_score":70,"summary":"Humana Inc., a health insurance company, reported a data breach impacting protected health information. The breach involved unauthorized access to internal systems."},{"id":"ff0817ca-1968-4d12-ad6d-76ff14c08947","entity_name":"Volunteer State Lab Services","reported_date":null,"state":"TN","individuals_affected":60000,"source_type":"state_ag","severity_score":70,"summary":"Malware incident resulted in the compromise of patient lab results and ordering physician information."},{"id":"29539752-4f8d-44fa-891c-9ed670631148","entity_name":"DC Medical Research Institute","reported_date":null,"state":"DC","individuals_affected":8000,"source_type":"state_ag","severity_score":50,"summary":"A phishing attack successfully compromised an employee account at DC Medical Research Institute, leading to the exposure of research participant data."},{"id":"0f21fbfd-7f27-4e61-8278-4e45a184cd8e","entity_name":"Inova Health System","reported_date":null,"state":"MD","individuals_affected":12000,"source_type":"state_ag","severity_score":70,"summary":"Ransomware attack resulted in the encryption of certain systems and potential data exfiltration."},{"id":"4c39eda9-b21f-4c01-84af-843bba3db9b1","entity_name":"Badlands Behavioral Health","reported_date":null,"state":"ND","individuals_affected":10000,"source_type":"state_ag","severity_score":50,"summary":"Ransomware attack on server containing mental health records."},{"id":"f61e1fc4-2412-42a5-b0a3-4299aa8c3896","entity_name":"Sunshine Health Plans","reported_date":null,"state":"FL","individuals_affected":150000,"source_type":"state_ag","severity_score":85,"summary":"A vendor's misconfiguration of a cloud-based server exposed member data."},{"id":"81ab3b5e-c53c-4630-9628-c94f738ed8dd","entity_name":"Hawaii Health Partners","reported_date":null,"state":"HI","individuals_affected":5000,"source_type":"state_ag","severity_score":50,"summary":"A phishing incident resulted in unauthorized access to employee email accounts containing patient scheduling and limited medical information."},{"id":"6c18bdd0-5d10-461c-ac53-47cd3e4cb995","entity_name":"VNS Behavioral Health Inc. (“VNS Health”)","reported_date":"2026-03-24","state":"NY","individuals_affected":739,"source_type":"hhs_breach","severity_score":30,"summary":""},{"id":"2d1ffe12-ba28-46eb-862f-7443e1a543c6","entity_name":"Builders FirstSource Flex Plan","reported_date":"2026-03-30","state":"TX","individuals_affected":1514,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"9537058f-fe6e-4d70-90eb-6e6430d4e58b","entity_name":"Emanuel Medical Center","reported_date":"2026-03-24","state":"GA","individuals_affected":28963,"source_type":"hhs_breach","severity_score":70,"summary":""},{"id":"72dcfe35-303b-42ff-9556-882be34c37e2","entity_name":"Easterseals Northeast Indiana","reported_date":"2026-03-18","state":"IN","individuals_affected":3158,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"d5283363-bfe1-4b74-b038-9e9701c97223","entity_name":"44North","reported_date":"2026-03-11","state":"MI","individuals_affected":2158,"source_type":"hhs_breach","severity_score":50,"summary":""},{"id":"8d586acb-e415-4aff-bf1b-2c27ccba2469","entity_name":"Southern Health System","reported_date":null,"state":"GA","individuals_affected":75000,"source_type":"state_ag","severity_score":70,"summary":"Phishing attack led to unauthorized access of employee email accounts containing patient data."},{"id":"627c2ee5-091a-4e5c-92d4-6ded9bb45c8f","entity_name":"New Jersey Health Insurers","reported_date":null,"state":"NJ","individuals_affected":300000,"source_type":"state_ag","severity_score":85,"summary":"Cyberattack on a claims processing vendor, leading to the exposure of insured members' financial and health data."},{"id":"0da8c827-d71d-480a-9054-aa9c3b5dc498","entity_name":"Pine Ridge Mental Health Services","reported_date":null,"state":"SC","individuals_affected":2500,"source_type":"state_ag","severity_score":50,"summary":"Email account compromise led to unauthorized access to therapy session notes."},{"id":"1b4b554c-5a07-49a7-ada8-a4e182604fa3","entity_name":"Anthem, Inc.","reported_date":null,"state":"WI","individuals_affected":37000000,"source_type":"state_ag","severity_score":95,"summary":"Anthem, Inc. (now Elevance Health) experienced a data breach impacting current and former members. The breach exposed names, dates of birth, Social Security numbers, medical IDs, addresses, and employment information."},{"id":"7809fbcc-8947-46ef-9485-5352d51c0ca3","entity_name":"SoonerCare Health Group","reported_date":null,"state":"OK","individuals_affected":12300,"source_type":"state_ag","severity_score":70,"summary":"Phishing attack led to unauthorized access of employee email accounts, exposing patient scheduling and billing information."},{"id":"40cd6641-f387-425a-8f4a-04f702a09be5","entity_name":"Integrated Physical Medicine of Arkansas","reported_date":null,"state":"AR","individuals_affected":24000,"source_type":"state_ag","severity_score":70,"summary":"Data breach impacting patient information."}]}