Looking back to five years from now, there has been tremendous growth in the frequency and size of healthcare data breaches. Almost 80 million people were affected due to the largest breaches. Information that is highly sensitive, such as names and addresses, social security numbers, to data, regarding one’s health, which includes health insurance information, Medicaid ID numbers, and the medical history or records of a patient, are exposed through healthcare data breaches.

The motive that hides behind the cyber attacks on hospitals, pharmacies, care clinics and health insurance companies, are very clear. It is done to acquire, one could say “juicy details” could be used for identity theft. It is widely regarded that the healthcare industry has a little weaker security than any other industry.

A report from the Security Scorecard places healthcare in the ninth position out of all other industries, in terms of rating the overall security.

It came as a massive challenge for the healthcare industry to promise cybersecurity in the year 2020 when all the organizations and companies worked to combat the crisis during the Covid-19 pandemic. It was simultaneously being knocked with targeted attacks on cyber security.

These led to the biggest recent healthcare data breaches. 

In 2017, a survey from the month of February, held by Accurate, stated that healthcare data breaches affected 26% of consumers from the US. It also found out that 50% of the total breach victims gradually faced medical identity theft, with a total loss of $2500.

Nearly, almost everyone has healthcare data records, within the healthcare system. The threat landscape changes itself with the upcoming years. 

Listed below are the top 10 biggest healthcare data breaches with all the information which were eventually exposed.

1. Anthem Blue Cross( January 2015)- 78.8 million affected

In January 2015, it was historically a bad time for healthcare data. In the largest healthcare breach till date, and hopefully, ever, Anthem stated on January 29 that 78.8 million records of the patients had been stolen. The cyberattack consisted of data that were highly sensitive. It included names, home addresses, social security contact numbers, dates of birth, and much such other information. The victims were mostly health plan members at Anthem, although some among them were non-members because Anthem handled the paperwork for various independent insurance organizations.

2. Premera Blue Cross (January 2015)- 11+ million affected

In 2015 again, Premera Blue Cross disclosed a cyber attack that exposed the medical information of 11 million patients. It exposed claims information, bank account numbers, dates of birth and social security numbers, among other information stored.

It was announced to be the second-largest healthcare data breach just six weeks after the largest healthcare data breach stated earlier.

3. Excellus Bluecross Bluebird ( September 2015)- 10+ million affected

Excellus, in 2015, discovered a massive cyberattack that exposed the private information of approximately 10 million members. After the back-to-back attack taking place in the same year, Excellus went for a forensic review. They discovered it to be the third-largest healthcare data breach in history. It involved financial information, medical data and social security numbers.

4. TRICARE (September 2011)- 4.9 million affected

The Science Applications International Corporation (SAIC) announced that 4.9 hospital patients and military clinics were affected due to a data breach, in TRICARE, which is a military healthcare provider of the federal government. The data was stolen from the car of a SAIC employee. There was no involvement of financial data, but information such as phone numbers, social security numbers and home addresses were exposed.

5. University of California, Los Angeles Health (July 2015)- 4.5 million affected

UCLA disclosed another data breach in the mid-year of 2015. It stated that the hackers had hacked 4.5 million patient’s records. UCLA mentioned that it did not have its patient’s data encrypted, which made the situation worse.

6. Community Health System ( April-June 2014)- 4.5 million affected

Community Health System, which handles 200+ hospitals throughout the US, stated a very major healthcare data breach that affected 4.5 million patients. The breach affected all the people who received treatment in any one CHS’s hospital.

7. Advocate Health Care (August 2013)- 4.03 million affected

Advocate Health Care stated that in 2013, they faced several data breaches which involved computer theft and revealed unencrypted medical records and personal information of 4.03 million patients. In 2016, August, the Advocate agreed to pay $5.55 million in order to settle for a lawsuit that was related to the breach.

8. Medical Information Engineering (July 2015)- 3.9 million affected

Medical Information Engineering, which creates EMR software, declared a data breach, which affected 3.9 million patients and 11 healthcare providers. The patients, who were affected, received notice where it was mentioned that their names, phone numbers, diagnoses and other sensitive information were stolen.

9. Banner Health (August 2016)- 3.62 million affected

A recent healthcare data breach, that took place in Banner Health, exposed the records of 3.62 million patients. The hackers accessed the payment systems data as well as the patient records. The records consisted of names, credit card numbers, birth dates, internal verification codes and other various sensitive information. 

10. Newkirk Products( August 2016)- 3.47 million affected

Newkirk products announced a breach in the data which victimized almost 3.47 million patients. The hackers not only gained access to primary care information but also premium invoice information, names, Medicaid ID numbers, group ID numbers and much other sensitive information.

These were the biggest healthcare data breaches recorded in the history of the healthcare world. And if you want to share more of this with us, do leave your message without any hesitation. 

To gain such useful insights on the healthcare industry, its latest trends, and thefts, do visit our blogs. Do not miss to explore our Contextual Healthcare Intelligence Platform that delivers the best high potential and customized healthcare data to clients from all over the USA and the globe as well. To know more in detail, visit Ampliz or reach out to our data experts at [email protected].

Healthcare Data – Contact Us