Health Data Breaches
Healthcare providers handle some of the most sensitive information we have. From Social Security numbers to diagnoses and treatment histories, the data collected by clinics, insurers, and service providers is incredibly valuable — both to doctors and, unfortunately, to cybercriminals. In recent years, a wave of large-scale breaches has highlighted just how fragile healthcare data security can be. One of the latest examples is the Archer Health incident, which demonstrates how even a simple oversight can put thousands of patients at risk.
The Biggest Health Data Exposures
UnitedHealth / Change Healthcare (2024–2025)
The largest U.S. health data breach to date came from a cyberattack on Change Healthcare, part of UnitedHealth Group. According to federal regulators, the breach affected nearly 193 million people. Attackers were able to access a Citrix portal with stolen credentials, bypassing multi-factor authentication. Sensitive billing records, diagnoses, Social Security numbers, and claims data were all believed to be compromised. The incident dwarfs any previous U.S. healthcare breach and highlights the scale of the challenge.
Archer Health, Inc. (2025)
In September 2025, a researcher came across a publicly exposed database connected to Archer Health, Inc., also known as Archer Home Health. The system contained almost 146,000 documents — from PDFs to screenshots — and none were password-protected or encrypted. The files included patient names, contact details, SSNs, treatment records, discharge forms, and even internal healthcare software dashboards.
Access was shut down quickly after disclosure, and Archer Health acknowledged the problem, promising an investigation. Although the number of records is small compared with massive hacks like Change Healthcare, the case is troubling because the exposure was entirely avoidable.
Anthem (2015)
One of the most notorious health insurance breaches, Anthem’s 2015 incident exposed data from over 70 million people. Attackers gained access to customer names, birthdays, addresses, and employment details. It remains one of the largest HIPAA-related breaches on record.
SingHealth (Singapore, 2018)
In Singapore, the records of 1.5 million patients were compromised, including personal identifiers and prescribed medications. This breach was one of the largest healthcare cybersecurity incidents in Asia and exposed the vulnerabilities in national healthcare IT systems.
Vastaamo (Finland, 2020)
A mental health clinic in Finland faced a chilling type of breach: hackers stole patient psychotherapy records and attempted to blackmail both the clinic and its patients. Sensitive therapy notes and personal data ended up being leaked online when ransom demands were not met.
Why These Incidents Matter
Health data is permanent. A credit card can be reissued, but once medical details or Social Security numbers are stolen, the impact can last a lifetime. Criminals use this information for:
- Insurance and billing fraud
- Prescription scams
- Identity theft
- Creation of synthetic identities that can evade detection for years
Federal data shows that between 2018 and 2023, hacking incidents in healthcare grew by 239% and ransomware by 278%. With more providers relying on digital platforms, the sector has become one of the most lucrative targets for attackers.
Lessons for Providers and Patients
For healthcare organizations, the message is clear: compliance with HIPAA is not enough. Providers must encrypt all data, enforce strict access controls with multi-factor authentication, continuously monitor systems for suspicious activity, and avoid practices like embedding patient names in file titles. Regular audits and staff training are also essential.
For patients, vigilance is key. Steps such as reviewing medical bills for errors, monitoring credit reports, enabling two-factor authentication on healthcare portals, and placing fraud alerts with credit bureaus can help reduce the damage if data is compromised.
The Archer Health exposure may not have reached the scale of UnitedHealth’s massive breach, but it underscores how preventable errors can have enormous consequences. Whether through ransomware attacks or simple misconfigurations, healthcare data remains one of the most vulnerable and sought-after assets in the digital economy.
Protecting it requires more than compliance — it requires ongoing vigilance, robust security practices, and a recognition that in healthcare, safeguarding data is part of safeguarding patients.