Patient data breaches doubled in 2023

Health care organizations across the United States are grappling with a significant increase in data breaches, compromising the sensitive patient information they safeguard, according to a report from Atlas VPN. Despite the critical nature of patient data, health care providers face an uphill battle in the face of mounting cyber threats from sophisticated hackers, insider threats, and fundamental security vulnerabilities.

According to data compiled by Atlas VPN, 87 million patients in the United States fell victim to data breaches in 2023, a number that has more than doubled compared to the 37 million affected in 2022.

An alarming surge in data breaches occurred this year, with the first half alone reporting over 41 million individuals' data stolen. The situation worsened in the third quarter when an additional 45 million patients had their information compromised.

In total, the health care sector reported 480 data breaches during the first three quarters of 2023, according to the report. This represents a stark contrast to the 373 breaches recorded for the entire year of 2022, emphasizing the escalating frequency and scale of these cyberattacks.

The most significant breach recorded in 2023 was the HCA Healthcare breach, which affected 11 million individuals.

"The sensitive nature of medical records makes them highly desirable targets for criminals, thus demanding the strongest security standards,” said Vilius Kardelis, a cybersecurity writer at Atlas VPN, in a statement. “Patients deserve to know their most personal information is safe, and providers must ensure that confidence. Health care has to view data protection as being just as critical as patient care."

While health care data breaches have impacted patients nationwide, data analysis has highlighted specific states that have been disproportionately affected. California leads the list with 43 health care organizations reporting data breaches in 2023, which could be attributed to its large population and concentration of health care providers. New York ranks second with 42 reported breaches, followed by Texas with 38. Other states near the top include Massachusetts and Pennsylvania, with 31 and 30 breaches, respectively.

Vermont stands as the only state with no reported health care breaches in 2023.