Breach intelligence · TX
42 reported healthcare data breach incidents affecting 14.9M individuals. Sourced from 7 federal and community intelligence feeds. Updated nightly.
42
Incidents reported
14.9M
Individuals affected
Hacking
Top attack vector
Stable
6-month trend
Recent incidents
| Date | Entity | Individuals | Source | Severity |
|---|---|---|---|---|
| May 29, 2026 | Elara Caring | 10,490 | Hhs Breach | High |
| May 27, 2026 | Nacogdoches Memorial Hospital | 2,507,073 | Hhs Breach | Critical |
| May 21, 2026 | NCH Corporation Employee Benefits Plan | 4,055 | Hhs Breach | High |
| May 19, 2026 | Houston Dermatology Specialists | 648 | Hhs Breach | Medium |
| May 15, 2026 | Metrocare | 602 | Hhs Breach | Medium |
| May 14, 2026 | Cullen/Frost Bankers, Inc. | 4,698 | Hhs Breach | High |
| May 14, 2026 | Mays Housecall Home Health, Inc. | 5,208 | Hhs Breach | High |
| May 13, 2026 | Integrated Pain Associates | 500 | Hhs Breach | Medium |
| May 11, 2026 | Austin Plastic and Reconstructive Surgery | 4,266 | Hhs Breach | High |
| May 10, 2026 | Interim HealthCare of Lubbock | 2,071 | Hhs Breach | High |
| May 10, 2026 | Interim HealthCare of Amarillo | 666 | Hhs Breach | Medium |
| May 10, 2026 | Liberty Bankers Life Ins. Co. | 20,202 | Hhs Breach | High |
| May 6, 2026 | Centers for Medicare and Medicaid Services (CMS) | 0 | Modeled Breach | Medium |
| Apr 29, 2026 | BeyondFaith Homecare & Rehab, LLC | 708 | Hhs Breach | Medium |
| Apr 27, 2026 | Lennox International Inc. | 3,709 | Hhs Breach | High |
| Apr 21, 2026 | Barrio Comprehensive Family Health Care Center | 19,971 | Hhs Breach | High |
| Apr 21, 2026 | Health Center of Southeast Texas | 2,389 | Hhs Breach | High |
| Apr 20, 2026 | Bloom Circle, Inc. d/b/a Lena Health | 3,651 | Hhs Breach | High |
| Apr 20, 2026 | North Texas Behavioral Health Authority | 285,086 | Hhs Breach | Critical |
| Apr 10, 2026 | Texas Health and Human Services Commission | 68,066 | Hhs Breach | High |
Swipe to view full table →
Most affected entities
#1
2
incidents
7K
individuals
#2
2
incidents
2.8M
individuals
#3
2
incidents
300K
individuals
#4
1
incidents
10K
individuals
#5
1
incidents
0
individuals
Attack vectors
Breakdown of breach types reported across 42 incidents in Texas. Understanding which vectors dominate helps practices prioritize their security controls.
Texas compliance requirements
Beyond federal HIPAA requirements, Texas has its own breach notification law that may impose additional obligations on healthcare practices operating in the state.
Tex. Bus. & Com. Code § 521.053
Notification deadline
60 days
Matches HIPAA's 60-day notification requirement.
Attorney General notification
Required (250+ individuals)
Comprehensive consumer data privacy law with broad applicability. Includes requirements for data protection assessments, opt-out mechanisms, and data minimization.
Texas has additional healthcare-specific privacy protections that exceed HIPAA in certain areas, including restrictions on re-disclosure of medical records.
The Texas AG has been among the most aggressive in pursuing breach notification violations, with settlements in the millions.
This is a general reference based on current Texas law. Consult legal counsel for state-specific compliance obligations. Source: Tex. Bus. & Com. Code § 521.053. Verified April 2026.
Protect your Texas practice
Patient Protect gives independent practices real-time compliance monitoring, breach prevention, and secure workflows — so your practice stays out of this database. Starting at $39/month.
14-day free trial · No charge until trial ends
FAQ
Patient Protect tracks 42 reported healthcare data breach incidents in Texas, affecting approximately 14.9M individuals. Data is sourced from HHS OCR, State Attorney General offices, FTC enforcement, and community intelligence — updated nightly.
The most frequently reported breach vector in Texas is Hacking/IT Incident, accounting for 34 of 42 incidents. Unauthorized Access/Disclosure is the second most common with 4 incidents.
Independent healthcare practices are the fastest-growing target for healthcare cyberattacks nationwide — attacks on small providers have increased 6x since 2021. Texas practices face the same threat landscape with fewer resources to defend against it. Patient Protect provides breach prevention specifically for independent practices starting at $39/month.
Texas requires breach notification within 60 days, and requires notification to the Attorney General when 250 or more individuals are affected. These requirements apply in addition to federal HIPAA's 60-day notification deadline. Reference: Tex. Bus. & Com. Code § 521.053.
Explore the full breach intelligence dashboard with 12 analytical views, risk forecasting, and attack chain visualization.
Open full dashboardData Disclaimer: This data is aggregated from publicly available sources including the HHS OCR Breach Portal, FTC, state AG databases, CISA advisories, and curated reporting. Certain records are algorithmically modeled from news sources and labeled accordingly. Data is provided “as-is” for informational purposes only. Inclusion of any entity does not imply wrongdoing. Users must independently verify information before relying on it. See Terms of Use.
Editorial coverage · From our partner publication
Editorial analysis of the breaches and enforcement actions reshaping Texas's threat landscape. From the Patient Protect publication.
May 25, 2026 · Breach
Radiology Associates of Richmond disclosed a data breach affecting 266,000 individuals after threat actors exfiltrated files containing names and protected health information from its systems.
Read on HIPAA Pulse
May 22, 2026 · Breach
Radiology Associates of Richmond disclosed a second data breach in under two years, with the latest incident affecting 266,000 patients and reported to Maine's Attorney General in May 2026.
Read on HIPAA Pulse
May 22, 2026 · Breach
Verizon's 2026 Data Breach Investigations Report finds healthcare facing a sharper threat from social engineering while ransomware and third-party vendor compromises continue to drive significant breach volume across the sector.
Read on HIPAA Pulse
May 18, 2026 · Breach
A healthcare software vendor serving the congressional physician's office was breached in early March, exposing prescription data — but lawmakers were not notified until more than two months after the intrusion.
Read on HIPAA Pulse
May 16, 2026 · Litigation
A federal jury in Michigan convicted a home health care agency owner and nurse of running a $1.6 million Medicare fraud scheme built on stolen patient records from 2018 to 2021.
Read on HIPAA Pulse
May 13, 2026 · Breach
OpenLoop Health, a telehealth platform serving independent practices and health systems, disclosed a January 2025 breach that exposed personal data belonging to roughly 716,000 individuals.
Read on HIPAA Pulse
HIPAA Pulse is the editorial publication of Patient Protect. PP’s HIPAA Response translates each story into operational guidance.
