Cyberhaven: 8 New Compromised Extensions Exposed—1.1M Users Affected! Read the Full Blog Now
Home » Spin.AI Blog » DLP » Recent Healthcare Data Breaches Expose Growing Cybersecurity Risks
DLP
February 10, 2025 | Updated on: February 12, 2025 | Reading time 9 minutes

Recent Healthcare Data Breaches Expose Growing Cybersecurity Risks

Author:
Avatar photo

Product Manager

Healthcare organizations continue to face rising cyber threats, with multiple major data breaches in 2025 exposing patient data. One was the data breach at the Community Health Center, Inc (CHC) in Connecticut. The others affected Asheville Eye Associates in North Carolina and Delta County Memorial Hospital District in Colorado. Let’s consider these recent breaches as a result of cyberattacks and see what happened with each, what data was compromised, and what we learn that will help healthcare organizations, and really all, to better protect themselves and avoid ransomware attacks. 

Recent Healthcare Data Breaches in 2025

There is no question that cyberattacks on the healthcare sector are some of the most alarming and most expensive. In 2024, the U.S. Department of Health and Human Services Office for Civil Rights received reports of 720 healthcare data breaches. These affected approximately 186 million user records. This is a tremendous jump from previous years and it shows the growing threat to patient privacy and the overall security of their data. 

Financially, these attacks are devastating to healthcare organizations. In 2024, the average cost of a data breach in the healthcare sector was $9.77 million. Now, for the 14th year in a row healthcare has topped the list of the most expensive data breaches when compared to all other business sectors. This helps to emphasize the need for robust cybersecurity measures within healthcare organizations. 

Source: The HIPAA Journal, Healthcare Data Breach Statistics

Community Health Center, Inc. Data Breach

The first attack we will consider is the attack on the Community Health Center, Inc (CHC) in Connecticut. CHC is a non-profit healthcare provider that detected unusual network activity on January 2, 2025. On further investigation, it was discovered attackers had infiltrated the environment and exfiltrated data of over one million individuals

Further investigation revealed the attacker could have had access to systems since October 14, 2024 and had access until January. It is unclear as to whether or not the attack was carried out by a lone individual attacker or a group of hackers. So far, the attack has not been attributed to a group or any specifics provided about any affiliations. The attack vector used is also unknown at this point.

What Data was Breached?

The bulk of the data was PII data that contained very sensitive personal and medical information:

CategoryExamples
Personal DetailsNames, Addresses, Dates of Birth
IdentificationSocial Security Numbers
Contact InfoPhone Numbers, Email Addresses
Medical DataTest Results, Diagnosis, Treatment Information
Insurance InfoHealth Insurance Details

The data breach affected both current and former patients of CHC. Other information stolen included information about individuals that had received COVID-19 tests or vaccinations at their clinics. Surprisingly, the attack did not include ransomware holding data hostage. This allowed CHC to continue normal business operations without disruption. 

Within a few hours, CHC had locked down access so the attacker was no longer able to access sensitive information. CHC also offered affected customers free credit monitoring and identity theft protection for two years.

Asheville Eye Associates & Delta County Memorial Breach

On January 31, 2025, two separate data breaches impacted healthcare providers:

  • Asheville Eye Associates in North Carolina 
  • Delta County Memorial Hospital District in Colorado 

With the incident involving Asheville Eye Associates, they reported that personal and medical information of 193,306 patients had been compromised due to an apparent cyberattack on their systems. The breached data included names, addresses, medical treatment information, and health insurance details, exposing patients to risks such as identity theft, fraud, and potential HIPAA violations.

If there is a positive with this particular attack, the Social Security Numbers, Credit Card Numbers, and other financial data was not part of the breached data of affected patients. The ransomware group, DragonForce, claimed responsibility for this breach in late December 2024. They said they had stolen hundreds of gigabytes of data from the eye care center. Asheville Eye Associates advised their patients to review statements from healthcare providers and insurance companies to make sure these were accurate and no fraudulent claims were placed.

DragonForce is a ransomware group that came onto the attack scene in August  2023. Their operation includes things like Ransomware-as-a-Service (RaaS) and they even have an affiliate program where they offer affiliates 80% of ransom payments and provide tools for helping affiliates with carrying out attacks. Their ransomware variants they have created are based on leaked LockBit 3.0 and ContiV3 ransomware code. DragonForce also uses double extortion tactics. These types of tactics are becoming increasingly common as it makes it much more likely that ransom payments are collected. It pressures victims into paying ransoms with the threat of intentional data leak. Between August 2023 and August 2024, they targeted 82 victims across sectors like manufacturing, real estate, and transportation, with a significant number of attacks in the United States

In a similar type attack, Delta County Memorial Hospital District notified the Maine Attorney General’s Office that hackers had accessed its network between May 27 and May 30, 2024. The attack had compromised the personal information of 148,363 individuals. The breached data included the following:

CategoryExamples
Personal DetailsNames, Dates of Birth, Addresses
IdentificationSocial Security Numbers, Driver’s License Numbers
Contact InfoPhone Numbers
Medical DataMedical and Health Insurance Information
Financial DataFinancial Information

The hospital offered patients one year of free identity theft and credit monitoring services to help make sure there was no misuse of their personal information and help notify them in case of fraud.

How Spin.AI Helps Secure Healthcare Data

Healthcare organizations are prime targets for cyberattacks, facing risks like identity theft, data breaches, and compliance violations. SpinOne by Spin.AI provides the essential tools to safeguard sensitive healthcare data and mitigate these threats.

Breached DataRisksSpinOne Protection
Contact Information  (Phone Numbers, Emails) Phishing attacks, social engineering Control risky apps and cloud misconfigurations to prevent non-compliance and cyber attacks:
  • Shadow IT detection
  • Continuous application and browser extension risk assessment
  • Automated remediation of risky apps and extensions
  • Misconfiguration detection and control
  • Non-compliance control
Identification (SSN, Driver’s License)Fraud, unauthorized access, compliance fines Secure and recover data:
  • Daily automated backups
  • Secure storage on AWS, Azure, GCP, or BYOS
  • 99.9% SLA
  • Granular recovery + file versioning
  • Easy data migration between accounts
Personal Details (Names, DOB, Addresses)




Medical & Insurance Data
Identity theft, fraud, legal exposure




HIPAA violations, lawsuits, financial losses
Prevent lawsuits from patients and controlling agencies by protecting data:
  • Control how your files are shared inside and outside the organizationMonitor and control the PII data of your patients and employees
  • Automate your interventions with custom DLP policies
  • Monitor abnormal events like user logins and data downloads
  • Meet compliance requirements such as HIPAA, GDPR, and CCPA
Financial Data (Bank info, insurance)Fraud, ransomware extortion Prevent months of downtime, ransom payments, legal penalties and reputational losses:
  • Fastest 2-hour recovery SLA on the market
  • AI-powered, behavior-based detection 24/7 monitoring
  • Automated remediation
  • Blocking ransomware source

SpinOne provides a proactive, non-reactive solution to help defend against cyberattacks. It helps to protect sensitive information like patient data from improper sharing, data leaks, or access by third-party SaaS apps.

Strengthening Healthcare Data Security in Light of Recent Breaches

With the recent breaches at Community Health Center, Asheville Eye Associates, and Delta County Memorial Hospital District shows the immediate need for healthcare organizations to secure their data. Spin.AI helps to provide the tools and solutions needed to enhance cybersecurity for sensitive information in SaaS environments and it helps reduce the risk of improper data sharing, data leaks, ransomware attacks, and improper SaaS app access for patient and other sensitive information.

Protect your healthcare data today. Schedule a free demo with Spin.AI’s security experts now.

Was this helpful?

0/400
Thanks for your feedback!
Avatar photo

Written by

Product Manager at Spin.AI

Will Tran is the Product Manager at Spin.AI, where he guides the product's strategic direction, oversees feature development and ensures that the solution solves his clients’ cybersecurity needs.

Will is a security professional who started his career at Lockheed Martin where he worked on National Security Space programs in business development and product management.

Will holds a BA in Economics and Mathematics from UCSB and an MBA with a specialization in Technology Management and Marketing from UCLA Anderson School of Management.

At Lockheed Martin, Will developed the multi-year strategy campaign and supported the product development of a national security satellite program for the United States Air Force, which resulted in a multi-billion dollar contract.

During business school, Will consulted 2 non-profit organizations as part of a series of national consulting case competitions. He set strategic priorities, optimized business operations, and developed a process to qualify new revenue streams for his non-profit clients. These initiatives resulted in 15-20% increase in annual surplus.

In his spare time, Will can be found at local coffee shops around Los Angeles, traveling to different countries, or hanging out with his cat.

Latest blog posts

A Guide to Data Loss Prevention for Managed Service Providers

A Guide to Data Loss Prevention for Managed Service Providers

Data loss prevention (DLP) is critical for Managed Service Providers (MSPs) to safeguard sensitive client...

Avatar photo

Product Manager

Read more
Data Loss Prevention Techniques for 2025 and Beyond

Data Loss Prevention Techniques for 2025 and Beyond

It’s painstakingly clear that data loss is a major challenge facing businesses today. Our experts...

Avatar photo

Vice President of Product

Read more
Data Loss Prevention: Protecting Your Gold

Data Loss Prevention: Protecting Your Gold

In today’s digital landscape, data is one of the most valuable assets to your company....

Avatar photo

CEO and Founder

Read more