1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
HAP (Health Alliance Plan) (Health Plan, MI) reported a HIPAA breach affecting 1,059 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Chicago Cosmetic Surgery and Dermatology (Healthcare Provider, IL) reported a HIPAA breach affecting 700 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Howard Brown Health (Healthcare Provider, IL) reported a HIPAA breach affecting 8,357 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record.
Mitchell County Department of Social Services (Healthcare Provider, NC) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Reproductive Medicine Associates of Michigan (Healthcare Provider, MI) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The FTC has taken action against Illusory Systems, Inc. (doing business as Nomad) for failing to implement adequate data security measures, which led to a breach where hackers stole $186 million from consumers. The company is required to return the stolen funds and implement an information security program.
$186.0M
Baltimore Medical System, Inc. (Healthcare Provider, MA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Heywood Healthcare Inc. including Henry Heywood Memorial Hospital, Athol Memorial Hospital, and Heywood Medical Group, Inc. (“Heywood”) (Healthcare Provider, MA) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Florida Attorney General James Uthmeier filed a lawsuit against Roblox, alleging that the company misrepresented the safety of its platform to parents and failed to protect children from accessing adult content and being contacted by predators. The lawsuit seeks injunctive relief and other remedies to ensure child safety on the platform.
Centric Health (Healthcare Provider, CA) reported a HIPAA breach affecting 6,855 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record, Network Server.
Southern Oregon Neurosurgical and Spine Associates, PC (Healthcare Provider, OR) reported a HIPAA breach affecting 1,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Ochsner LSU Health – Regional Urology (Healthcare Provider, LA) reported a HIPAA breach affecting 4,519 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
TriCity Family Services (Healthcare Provider, IL) reported a HIPAA breach affecting 2,511 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Columbia Medical Practice (Healthcare Provider, MD) reported a HIPAA breach affecting 3,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
NCH Corporation Employee Benefits Plan (Health Plan, TX) reported a HIPAA breach affecting 3,098 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Greater St. Louis Oral & Maxillofacial Surgery PC (Healthcare Provider, MO) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Fieldtex Products, Inc. (Business Associate, NY) reported a HIPAA breach affecting 5,901 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Madison Healthcare Services (Healthcare Provider, MN) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Florida Attorney General James Uthmeier issued an investigative subpoena to TP-Link Systems Inc. as part of a consumer protection investigation into the company’s cybersecurity practices, supply-chain infrastructure, and handling of U.S. consumer data, including allegations of unauthorized data sharing with the Chinese Communist Party. The probe will determine if TP-Link misled customers about foreign government access to their personal data, which would violate the Florida Deceptive and Unfair Trade Practices Act, with no findings of wrongdoing yet.
The FTC proposed a consent order against Illuminate Education, Inc. for failing to secure student data, leading to a breach affecting over 10 million students. The company allegedly had security failures and delayed breach notifications. The order requires a data security program, data deletion, and a retention schedule.
FedEx Corporation Group Health Plan (Health Plan, TN) reported a HIPAA breach affecting 1,066 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Sports Medicine & Orthopaedics (Healthcare Provider, RI) reported a HIPAA breach affecting 4,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cerenade (Business Associate, CA) reported a HIPAA breach affecting 987 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Center for Urologic Care of Berks CO (Healthcare Provider, PA) reported a HIPAA breach affecting 543 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Keystone Alliance, Inc. (Business Associate, IL) reported a HIPAA breach affecting 1,021 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Med Atlantic, Inc. (Business Associate, VA) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Nura PLLC (Healthcare Provider, MN) reported a HIPAA breach affecting 5,207 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Dr. Michael Kaplan DO PC DBA Long Island Weight Loss Institute (Healthcare Provider, NY) reported a HIPAA breach affecting 3,426 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
County of Catawba (Health Plan, NC) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Dermatology Associates of Concord (Healthcare Provider, MA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.