In a chilling wave of cyberattacks, millions of Americans find themselves vulnerable as hackers have infiltrated healthcare systems nationwide, seizing a trove of sensitive personal and medical data. The breaches have unearthed a vast array of private information, ranging from Social Security numbers and medical records to health insurance details and biometric data like fingerprints and palm prints.
The most significant of these attacks struck New York City Health and Hospitals, the largest public healthcare provider in the United States. This was not an isolated incident, as other healthcare institutions such as Western Orthopaedics in Colorado, Community Health Systems in California, Tri-Cities Gastroenterology in Tennessee, and Integrated Pain Associates in Texas have also fallen victim to similar breaches.
These incidents underscore the persistent threats faced by healthcare organizations, as cybercriminals relentlessly target the rich repository of patient records they hold. In New York City, hackers reportedly lurked within the healthcare network for months, stealthily extracting medical and financial information from at least 1.8 million patients before their presence was detected.
Furthermore, Western Orthopaedics reported that over 113,000 individuals might have had their protected health information compromised as a result of unauthorized access to their systems. As healthcare entities grapple with these security challenges, the risk to patient privacy and data security remains a pressing concern.
Hackers reportedly spent months inside New York City’s healthcare network before the intrusion was discovered, quietly copying files containing medical and financial information belonging to at least 1.8 million patients.
More than 113,000 people had their protected health information potentially exposed after hackers gained access to systems operated by Western Orthopaedics.
Several of the attacks have been linked to cyber extortion groups that allegedly published stolen data after ransom demands were not met.
The breaches underscore the growing cybersecurity crisis facing the healthcare industry, where patient records have become some of the most sought-after targets for hackers.
The incidents come as healthcare organizations continue to face relentless attacks from cybercriminals seeking highly valuable patient records
Join the discussion
Should healthcare providers face tougher penalties for failing to protect our most sensitive data?
Community Health Systems, which serves patients in California’s San Bernardino, Riverside and San Diego counties, disclosed a separate incident after suspicious activity was detected in its network around February 28, 2026.
An investigation found unauthorized access to systems containing names, addresses, email addresses, phone numbers, dates of birth, Social Security numbers, financial account information, driver’s license numbers, treatment records, prescription information, Medicare and Medicaid identification numbers, health insurance details and medical billing information.
The provider said it is reviewing its security policies and procedures. The total number of affected individuals has not yet been disclosed.
Tri-Cities Gastroenterology, which operates five locations across Tennessee, reported that files were exfiltrated from its network around December 11, 2025.
A review completed in April found the compromised files contained names, Social Security numbers, dates of birth, addresses, email addresses, telephone numbers, gender information and medical record numbers.
Although the practice said it had not identified any misuse of the stolen information, the Insomnia threat group claimed responsibility for the attack and later published the data after a ransom demand allegedly went unpaid.
Integrated Pain Associates, a Texas-based team of spine and pain specialists, also disclosed a security incident after identifying unauthorized access to its network in February 2026.
The ongoing investigation has found that names, addresses, dates of birth, driver’s license numbers, Social Security numbers, diagnosis information, medication records, health insurance information, treatment details and financial account information may have been exposed.
The provider has since implemented additional security measures and is offering complimentary credit monitoring services to affected patients.
The latest breaches come just months after one of the largest healthcare cyberattacks in recent memory affected New York City Health and Hospitals, the largest public healthcare system in the United States.
That breach compromised the personal information of at least 1.8 million patients after hackers reportedly spent months inside the network between November and February before the intrusion was detected.
Officials said the attack appeared to originate through a compromised third-party vendor, giving unauthorized actors access to highly sensitive files containing medical records, payment information, government identification numbers and even biometric data such as fingerprints and palm prints.
The organization warned that exposed information may also have included Social Security numbers, driver’s license numbers, taxpayer identification numbers, precise geolocation data, credit card information, financial account details and online account credentials.
NYC Health and Hospitals said it immediately launched an investigation with the assistance of a leading cybersecurity firm, reset compromised credentials, strengthened remote access controls and deployed additional monitoring systems designed to detect future attacks.
The health system urged affected individuals to closely monitor account statements, explanation-of-benefits documents and credit reports for signs of fraud, while recommending that anyone whose login credentials may have been compromised immediately change their passwords.
The string of attacks underscores the increasing value cybercriminals place on healthcare data, which often contains enough personal, financial and medical information to facilitate identity theft, insurance fraud and other forms of cybercrime.
