Greatest Healthcare Data Breaches of 2019

Dec 23, 2019

Unfortunately, 2019 has been a big year for hackers. From January, cyberattacks have been impacting a countless number of individuals, especially within the Healthcare industry. With it being a big target, we have gathered some of the Greatest Healthcare Data Breaches of 2019.


January 2019: Inmediata Health Group

Due to a misconfigured database, 1.57 million Inmediata Health Group patients had fallen victim to a personal health data breach. Officials found a search engine function that was allowing internal webpages to be indexed, exposing electronic information. To make matters worse, patients who were to be notified of the breach were sent the wrong letters during the process.

February 2019: Columbia Surgical Specialist of Spokane

A ransomware attack impacted 400,000 patients. Information about this breach is very limited, but it has been reported that Columbia Surgical Specialist did not pay the ransom and was able to restore data from backups.

February 2019: UW Medicine

974,000 patients were exposed online for three weeks due to a misconfigured server. This was due to an employee error that allowed internal information to be accessed to the public. However, it was not discovered until a patient conducted a search of their own, coming across their personal files.

March 2019: Wolverine Solutions Group

A ransomware attack compromised a wide range of data from a host of clients, including demographic details and Social Security numbers. It 's not clear exactly how many people were affected, but it has been estimated to be over half a million!

March 2019: Oregon Department of Human Resources

A breach caused by a massive phishing campaign led to 625,000 patients and 2.5 million emails being compromised. Hackers were able to gain access to internal information by sending malicious emails to employees, asking them to provide their user credentials. Information accessed includes case numbers, SSN and PHI.

March 2019: Zoll Services

The personal and medical data of over 277,319 patients was compromised due to a server migration error. Exposed emails were found during a routine server migration. The compromised information includes dates of birth, medical information, SSN and demographic details.

April 2019: Dominion National

A nine-year hack on its servers potentially breached the data of 2.96 million patients. An investigation was prompted after an internal alert exposed unauthorized access to its systems. The unauthorized access was dated back as early as August 2010.

May 2019: American Medical Collection Agency

The AMCA was hacked for eight months, so far affecting up to 12 million patients from Quest Diagnostics. It is still unclear the total number of patients affected since most of the impacted providers are still going under investigation for the breach.

Written by

Yossi Ze'evi

Recent Posts

  • 1

    The Difference Between Remediation and Mitigation

    Kent Weigle October 15, 2021
  • 2

    Vulnerability Remediation Guidelines

    Kent Weigle October 14, 2021
  • 3

    What is Vulnerability Remediation?

    Kent Weigle October 08, 2021
  • 4

    Average Time to Remediation Hits 205 Days

    Kent Weigle August 12, 2021
  • 5

    Vulnerability Management: What You Need To Know

    Kent Weigle July 12, 2021

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
    CVE Invaders