Episource has reported a data breach affecting over 5 million patients in the U.S., following a cyberattack that occurred between January 27 and February 6, 2025. The breach exposed various sensitive health information, including names, addresses, and medical records, although no banking or payment card data was compromised. Affected individuals are being notified and advised to monitor for suspicious activity.

McLaren Health Care has reported a significant data breach affecting the personal information of approximately 743,000 individuals. The breach occurred between July and August 2024, following a previous ransomware attack in 2023 that compromised the data of over 2 million people. The exposed information includes names and Social Security numbers among other sensitive details.

Nearly 250,000 individuals were impacted by a data breach at Medical Associates of Brevard, a healthcare organization in Florida. The BianLian ransomware group claimed responsibility for the attack, which involved the theft of personal and protected health information. The breach was discovered in January 2025, and the organization has since notified authorities and affected individuals.

SimonMed Imaging has notified over 1.27 million individuals about the compromise of their protected health information due to a cyberattack in January 2025. While the company confirmed data theft, there have been no reported cases of misuse, and affected individuals are being offered complimentary credit monitoring services.

Esse Health has notified over 263,000 patients that their personal and health information was compromised in a cyberattack that occurred on April 21, 2025. The breach resulted in the theft of sensitive data, although there was no evidence of stolen social security numbers, and the organization is offering free identity protection services to affected individuals. Restoration efforts suggest a ransomware attack, but no group has claimed responsibility for the incident.

Ascension has reported a significant data breach affecting the personal information of 437,329 patients due to a cyberattack. The exposed data includes sensitive details such as names, dates of birth, and medical information, prompting concerns about patient privacy and security. Authorities are investigating the incident while affected individuals are being notified.