Healthcare Data Breaches and HIPAA Security Challenges
A cyberattack on NS Support LLC, a neurosurgical healthcare provider, resulted in unauthorized access to its network and the exfiltration of files containing protected health information (PHI) for nearly 93,000 patients. The compromised data included names and medical notes, but not Social Security numbers or financial information. In response, NS Support wiped and rebuilt affected systems, implemented additional security measures, and began reviewing and updating its data security policies. Notification letters were sent to affected individuals, and the incident was reported to the Department of Health and Human Services Office for Civil Rights (HHS OCR).
The healthcare sector continues to face a surge in data breaches, with over 700 large incidents reported annually from 2021 to 2024, compromising the PHI of more than 595 million individuals. Hacking and IT incidents are the primary causes, often facilitated by employee errors or lapses in cyber hygiene. Experts highlight the growing complexity of healthcare data ecosystems, especially with the rise of telehealth, and emphasize the need for robust data classification, continuous monitoring, and adaptive security controls to protect sensitive patient information. Regulatory frameworks like HIPAA remain central, but organizations must go beyond compliance to ensure comprehensive data protection across diverse platforms and partners.

How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
NS Support notifies nearly 93,000 patients of PHI breach
By December 2025, NS Support disclosed the breach and sent notification letters to affected individuals about the compromise of their protected health information. The company said it had found no evidence of misuse and did not offer credit monitoring because Social Security numbers and financial data were not involved.
Ro security executive warns telehealth data sprawl is outpacing regulation
On 2025-12-16, Ro CIO/CISO Scott Bachand publicly described telehealth's expanding data flows across cloud, mobile, third-party platforms, and AI as a growing security challenge. He said legacy frameworks such as HIPAA lag behind these realities and called for standards-based, zero-trust, data-centric security controls.
NS Support rebuilds systems and adds security measures after breach
Following the May 2025 incident, NS Support engaged third-party digital forensics specialists, wiped and rebuilt affected systems, and implemented additional security measures. The company also began reviewing and updating its data security policies and network security software.
NS Support detects unauthorized access and data exfiltration
On or around 2025-05-29, NS Support LLC detected a hacking-related incident involving unauthorized access to and exfiltration of files from its systems. The compromised data included patient names and medical notes, affecting up to 92,845 individuals.
Healthcare breaches surpass 700 large incidents annually from 2021 to 2024
Between 2021 and 2024, the healthcare sector reported more than 700 large data breaches each year, collectively compromising the protected health information of more than 595 million people. Reporting cited hacking and IT incidents as the dominant category, with employee mistakes and poor cyber hygiene frequently contributing to the root cause.
Sources
PHI of Almost 93,000 Patients Compromised in Cyberattack on NS Support
hipaajournal.com
Staff are the Weakest Link in HIPAA Cybersecurity
hipaajournal.com
The messy data trails of telehealth are becoming a security nightmare
helpnetsecurity.com


