A string of cyberattacks targeting healthcare providers across the United States has exposed sensitive personal and medical information belonging to millions of Americans. The stolen data includes Social Security numbers, medical records, health insurance details, financial account information, government-issued identification numbers, and even biometric data such as fingerprints and palm prints.
Major Breaches Reported
The largest breach struck New York City Health and Hospitals, the nation's biggest public healthcare system. Additional attacks hit Western Orthopaedics in Colorado, Community Health Systems in California, Tri-Cities Gastroenterology in Tennessee, and Integrated Pain Associates in Texas. These incidents underscore a growing cybersecurity crisis in the healthcare industry, where patient records have become prime targets for cybercriminals.
New York City Health and Hospitals Breach
Hackers reportedly spent months inside New York City's healthcare network before the intrusion was discovered, quietly copying files containing medical and financial information of at least 1.8 million patients. The attack, which occurred between November and February, is believed to have originated through a compromised third-party vendor. Exposed data includes medical records, payment information, government ID numbers, and biometric data. NYC Health and Hospitals has launched an investigation with a leading cybersecurity firm, reset compromised credentials, and strengthened remote access controls.
Other Incidents
Western Orthopaedics in Colorado reported that more than 113,000 individuals had their protected health information potentially exposed after hackers gained access to their systems. Community Health Systems, serving patients in California's San Bernardino, Riverside, and San Diego counties, detected suspicious activity around February 28, 2026. An investigation found unauthorized access to names, addresses, Social Security numbers, financial account information, treatment records, and more. The total number of affected individuals has not been disclosed.
Tri-Cities Gastroenterology, operating five locations in Tennessee, reported file exfiltration around December 11, 2025. A review completed in April found compromised files containing names, Social Security numbers, dates of birth, and medical record numbers. The Insomnia threat group claimed responsibility and published the data after an alleged unpaid ransom. Integrated Pain Associates in Texas identified unauthorized network access in February 2026, potentially exposing names, addresses, driver's license numbers, diagnosis information, and financial account details. The provider has implemented additional security measures and is offering complimentary credit monitoring.
Growing Threat to Healthcare Data
These breaches highlight the increasing value cybercriminals place on healthcare data, which often contains enough personal, financial, and medical information to facilitate identity theft, insurance fraud, and other cybercrimes. Several attacks have been linked to cyber extortion groups that published stolen data after ransom demands were not met. Healthcare organizations continue to face relentless attacks as patient records become some of the most sought-after targets for hackers.
