In yet another alarming month for healthcare cybersecurity, 1,238,201 patients had their personal and medical information exposed due to 46 data breaches in February 2025. The numbers paint a troubling picture of the industry’s ongoing battle with cyber threats, with hacking and IT incidents continuing to dominate as the leading cause of breaches.
Key Takeaways from February’s Healthcare Breaches
-
Healthcare providers were the hardest hit, accounting for 65.22% (30 breaches) of all incidents.
-
Business associates—third-party vendors handling sensitive data—were responsible for 11 breaches (23.91%).
-
Health plans, including insurance companies, reported 5 breaches (10.87%).
Hacking and IT Incidents: The Biggest Threat
Cyberattacks remain the biggest threat to healthcare security, with 34 breaches (73.91%) caused by hacking or IT incidents. These breaches compromised a staggering 1,102,405 patient records—nearly 90% of all affected individuals. Cybercriminals continue to exploit vulnerabilities in hospital networks, electronic health record (EHR) systems, and third-party platforms, often deploying ransomware or phishing tactics.
Unauthorized Access and Insider Threats
Beyond external cyberattacks, 8 breaches (17.39%) were due to unauthorized access or disclosure, impacting 98,936 patients (7.99%). These incidents often stem from improper employee access, accidental sharing of sensitive information, or insider threats. While not as large-scale as hacking incidents, these breaches highlight the need for better internal security controls and employee training.
Theft of Physical Devices Still a Concern
Even in an increasingly digital world, physical device theft remains a security risk. 4 breaches (8.69%) in February were caused by stolen laptops, hard drives, or paper records, affecting 36,860 patients (2.98%). Stolen devices containing unencrypted patient data continue to pose a significant risk, emphasizing the need for stricter encryption policies and secure data storage practices.
Protecting Patient Data: What’s Next?
With cyber threats showing no signs of slowing down, healthcare organizations must take proactive steps to secure patient data:
-
Enhancing cybersecurity defenses to prevent ransomware and phishing attacks.
-
Implementing stricter access controls to reduce insider threats.
-
Encrypting all sensitive data to mitigate risks from stolen devices.
-
Investing in employee training to ensure staff recognize and avoid security risks.
As healthcare continues to be a prime target for cybercriminals, organizations must remain vigilant. Patients trust healthcare providers to keep their most sensitive information safe—failing to do so can have serious consequences, both financially and reputationally.
If February’s data is any indication, 2025 is shaping up to be another challenging year for healthcare cybersecurity. Now more than ever, it’s crucial for organizations to stay one step ahead of the threats.
