Every month we release a summary of the previous month’s healthcare breaches, and determine the leading cause behind that month’s breaches. In May 2021, there were 60 breaches reported, affecting 6,521,871 patients. Of these breaches, 46 affected healthcare providers, 10 affected health plans, 7 affected business associates, and one affected a healthcare clearinghouse. More details regarding May healthcare breaches are discussed below.

2021 May Healthcare Breaches

2021 May Healthcare Breaches and Hacking Incidents

The leading cause behind May healthcare breaches was hacking incidents, with 46 incidents affecting 6,419,108 patients. Hacking incidents represented 98.42% of patients affected by healthcare breaches in May. 

These hacking incidents stemmed from different types of hacks including:

  • Network server, affecting 2,962,969 patients, representing 46.16% of patients affected by hacking
  • Email, affecting 200,591 patients, representing 3.12% of patients affected by hacking
  • Other, affecting 3,255,548 patients, representing 50.72% of patients affected by hacking

37 Healthcare Providers, 1,299,821 patients affected, representing 20.25% of patients affected by hacking:

  • Wirt County Health Services Association d/b/a Coplin Health Systems: 2,164 patients affected
  • Hoboken Radiology LLC: 80,000 patients affected
  • Monroe County Health Center: 500 patients affected
  • Williamson Health and Wellness Center, Inc.: 1,688 patients affected
  • Five Rivers Health Centers: 155,748 patients affected
  • Lafourche Medical Group: 34,862 patients affected
  • Sturdy Memorial Hospital: 57,379 patients affected
  • Stanford University School of Medicine: 2,200 patients affected
  • TidalHealth Peninsula Regional: 4,070 patients affected
  • Laird Hospital, Inc.: 1,092 patients affected
  • Harper County Community Hospital: 5,725 patients affected
  • HC Watkins Memorial Hospital: 634 patients affected
  • Westwood Obstetrics and Gynecology (“Westwood”): 12,931 patients affected
  • Beech Acres Parenting Center: 500 patients affected
  • Massena Hospital: 1,897 patients affected
  • Scott Regional Hospital: 1,056 patients affected
  • Swedish Covenant Health DBA Swedish Hospital: 4,206 patients affected
  • Rehoboth McKinley Christian Health Care Services: 207,195 patients affected
  • Southwestern Indiana Regional Council on Aging: 4,250 patients affected
  • Bayhealth Medical Center, Inc.: 565 patients affected
  • Trinity Health System – Twin City: 9,579 patients affected
  • San Diego Family Care: 125,500 patients affected
  • CareSouth Carolina, Inc.: 76,035 patients affected
  • Internal Medicine Associates of Jasper, PC, dba Prestige Medical Group: 34,203 patients affected
  • SAC Health Systems: 28,128 patients affected
  • Nocona General Hospital: 3,254 patients affected
  • MidMichigan Health Services: 2,800 patients affected
  • Charles Cole Memorial Hospital, d/b/a UPMC Cole: 7,376 patients affected
  • Our Lady of Lourdes Memorial Hospital Inc., : 1,745 patients affected
  • St. Agnes Healthcare Inc.: 2,821 patients affected
  • Ascension Standish Hospital: 1,705 patients affected
  • Ascension St. Joseph Hospital: 5,807 patients affected
  • Brownsville Community Health Center dba New Horizon Medical Center: 4,258 patients affected
  • Tyler Family Circle of Care: 1,860 patients affected
  • Orthopedic Associates of Dutchess County: 331,376 patients affected
  • Monadnock Community Hospital: 14,340 patients affected
  • Arizona Asthma and Allergy Institute: 70,372 patients affected

6 Business Associates, 5,112,264 patients affected, representing 79.64% of patients affected by hacking:

  • SEIU 775 Benefits Group: 140,000 patients affected
  • Dean Health Servicing Company: 1,025 patients affected
  • LogicGate: 47,035 patients affected
  • 20/20 Eye Care Network, Inc: 3,253,822 patients affected
  • Community Access Unlimited: 13,813 patients affected
  • NEC Networks, LLC d/b/a CaptureRx: 1,656,569 patients affected

3 Health Plans, 7,023 patients affected, representing 0.11% of patients affected by hacking:

  • Arkansas Health and Wellness Health Plan: 3,627 patients affected
  • Buckeye Health Plan: 2,334 patients affected
  • InVue Security Products, Inc. Employee Group Health Plan : 1,062 patients affected

Let’s Simplify Compliance

Cybersecurity and HIPAA compliance go hand-in-hand. Protect your business by becoming HIPAA compliant today!

Learn More!
HIPAA Seal of Compliance