Major Healthcare Data Breaches Impact Nearly 600,000 Individuals in the U.S.

Three major U.S. healthcare organizations have reported significant cybersecurity breaches, collectively affecting nearly 600,000 individuals. The incidents were recently added to the U.S. Department of Health and Human Services (HHS) data breach tracker, highlighting ongoing risks in healthcare cybersecurity.

North Texas Behavioral Health Authority Hit by Largest Breach

The most severe incident involved the North Texas Behavioral Health Authority, affecting approximately 285,000 individuals.

The organization disclosed in March 2026 that it had identified a network intrusion dating back to October 2025. Investigations revealed that unauthorized actors gained access to its systems and potentially exfiltrated sensitive data, including Social Security numbers (SSNs).

As a provider of mental health and substance abuse services, the breach raises serious concerns due to the highly sensitive nature of the compromised information.

Southern Illinois Dermatology Breach Linked to Ransomware Group

The second-largest breach impacted around 160,000 individuals at Southern Illinois Dermatology.

The organization reported that it detected a cybersecurity incident in late November 2025, with an investigation concluding in March 2026 that files containing personal data had been compromised.

Notably, the Insomnia ransomware group claimed responsibility for the attack, listing the provider on its leak site in February and alleging theft of patient data. The group has reportedly released some of the stolen information, escalating the severity of the breach.

Saint Anthony Hospital Email Breach Exposes Patient Data

The third incident involved Saint Anthony Hospital and affected approximately 146,000 individuals.

According to the hospital, the breach resulted from compromised employee email accounts, which exposed both personal and health-related patient information. The intrusion occurred in February 2025.

Although unrelated to this incident, the hospital was targeted by the LockBit ransomware group in 2024, underscoring its ongoing exposure to cyber threats.

Rising Cybersecurity Threats in Healthcare

These incidents highlight the growing vulnerability of healthcare organizations to cyberattacks, particularly ransomware and email-based intrusions. With sensitive patient data at stake, the healthcare sector remains a prime target for cybercriminals.

The scale and frequency of such breaches underscore the urgent need for stronger cybersecurity measures, including enhanced network monitoring, employee training, and robust data protection strategies.

Secure your privacy instantly. Try AstrillVPN with zero risk.

Get AstrillVPN