HIPAA Pulse

HIPAA Breach News & Alerts

Healthcare breaches cost $9.8 million on average — the highest of any industry. Attacks on independent providers have increased 6x since 2021. HIPAA Pulse tracks every reported breach as it happens, with editorial analysis focused on what independent practices need to know and do. Every incident below includes a breakdown of what happened, what data was exposed, and how Patient Protect's active breach prevention could have helped.

Today

BREACHMay 27

Lithuania investigates theft of 600,000 state registry records

Daryna Antoniuk reports: The Lithuanian Prosecutor General’s Office said Friday that attackers gained unauthorized access to more than 600,000 records managed by the Centre of Registers, the state agency responsible for handling property and legal entity records. Prosecutors said the breach involved the misuse of login credentials assigned to institutions authorized to access the databases, and likely... Source

DataBreaches.net

BREACHMay 27

NL: Schiphol cargo worker arrested over alleged data leaks to drug networks

NL Times reports: The Royal Netherlands Marechaussee detained a 24-year-old Amsterdam-based cargo worker at Schiphol on Tuesday, May 19, on suspicion of unauthorized access to computer systems and the leaking of confidential company information, Luchtvaart Nieuws has reported. According to the ongoing investigation, the suspect allegedly used his access to a cargo handling company’s systems at the... Source

DataBreaches.net

This Week

BREACHMay 25

PowerSchool’s $17.25 Million Settlement Exposes Years of Student Data Tracking

If you ask most people what breach PowerSchool experienced, their first response might be the 2024 hacking incident that affected tens of millions of students. But even before that breach, there was another significant breach involving PowerSchool that began in 2021. Colin Lee and Koji Edmunds report: In early April, many students across the world... Source

DataBreaches.net

BREACHMay 25

Ghost CMS Vulnerability Exploited to Hack Over 700 Websites

Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack. The post Ghost CMS Vulnerability Exploited to Hack Over 700 Websites appeared first on SecurityWeek.

Security Week

BREACHMay 25

266,000 Affected by Data Breach at Radiology Associates of Richmond

Threat actors stole files containing names and protected health information from the healthcare organization’s systems. The post 266,000 Affected by Data Breach at Radiology Associates of Richmond appeared first on SecurityWeek.

Security Week

BREACHMay 25

DocketWise Data Breach Impacts 143,000

Hackers accessed names, addresses, Social Security numbers, financial information, and medical data from third-party partner repositories. The post DocketWise Data Breach Impacts 143,000 appeared first on SecurityWeek.

Security Week

Earlier

BREACHMay 23

Laravel Lang packages hijacked to deploy credential-stealing malware

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware campaign after attackers abused GitHub version tags to distribute malicious code through Composer packages. [...]

Bleeping Computer

BREACHMay 23

Rhode Island's workers' compensation notifies those affected by January data breach

Rhode Island residents may understandably wonder about the state's vendor security monitoring. First, it was the Deloitte and the RIBridges data breach that affected more than 730,000 residents. Now the vendor that administers the state's workers' compensation insurance has disclosed a breach affecting 131,000 residents, including 4,500 former and current state employees. Alexander Castro reports:... Source

DataBreaches.net

BREACHMay 23

UK: Victims feel 'violated' after water firm's data breach

Oprah Flash reports: "Violated" and being "unable to trust" have been the feelings plaguing victims of a cyber attack on a Midlands-based water company. The personal data of 633,887 people was stolen and published on the dark web, after South Staffs Water was hacked in 2020. Customers said they faced a deluge of scam emails... Source

DataBreaches.net

BREACHMay 22

Radiology Associates of Richmond discloses second data breach; 266k people affected

On July 1, 2025, Radiology Associates of Richmond ("RAR") reported a breach to HHS that had occurred in April 2024 and affected more than 1.4 million patients. By the end of July 2025, the well-known radiology practice had experienced a second breach. The second breach, recently reported to the Maine Attorney General's Office on May... Source

DataBreaches.net

BREACHMay 22

Trump Mobile confirms it exposed customers’ personal data, unclear whether it will notify those affected

Lorenzo Franceschi-Bicchierai reports: Phone provider Trump Mobile has confirmed that it was exposing customers’ names, email addresses, mailing addresses, cell numbers, and order identifiers to the open internet. Chris Walker, a spokesperson for the Trump-branded phone maker, told TechCrunch that the company is investigating the exposure and has not found evidence that content or financial... Source

DataBreaches.net

BREACHMay 22

Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks

Ransomware and vendor breaches persist, but the 2026 Data Breach Investigations Report (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable.

Dark Reading

12 of 56 articles

Want to take action? Track breaches in real time→

Get HIPAA Pulse delivered.

Curated breach alerts and compliance intelligence — before the workday starts.

No spam. Unsubscribe anytime.