The U.S. Office for Civil Rights is investigating a May 31 data breach that affected Baltimore-based Johns Hopkins Health System, local NBC affiliate WBALTV reported Aug. 4. 

Prospect Medical hospitals and outpatient clinics across the U.S. have transitioned to paper records or temporarily closed as their teams work to bring computer systems back online after an Aug. 3 ransomware attack.

An estimated 1.7 million Oregon Health Plan members have been affected by a coordinated data hack.

Here are six hospitals and health systems dealing with cyberattacks Becker's has reported on since July 25:

Nashville, Tenn.-based HCA Healthcare is facing the fifth lawsuit from patients relating to a July data breach that compromised the information of 11 million patients, law.com reported Aug. 4.

A ransomware attack is affecting hospitals around the country owned and operated by Prospect Medical Holdings, a 16-hospital system based in Culver City, Calif.

A cyberattack at Manchester-based Eastern Connecticut Health Network is causing closures and emergency room diversions, NBC Connecticut reported Aug. 3.

Detroit-based Henry Ford Health System is facing a lawsuit for a March 30 data breach that compromised the protected health information of 168,000 patients, Top Class Actions reported Aug. 2. 

The Chattanooga (Tenn.) Heart Institute identified a suspected cybersecurity attack on its IT network in April, and an investigation confirmed that an unauthorized third party accessed the network and obtained copies of confidential patient data.

Hospitals that merge are particularly vulnerable to data breaches in the period during and right after the acquisitions, according to research at the University of Texas at Dallas.

The MOVEit data breach continues to take more victims across a variety of industries, including hospitals and health systems across the U.S. as well as CMS. 

With healthcare’s shift toward digitization and customer centricity, business and operations risks are also evolving, requiring a rethinking of risk management and controls. As organizations look to transform their operations, they need to be vigilant in anticipating and managing their risks in compliance, operations, finance and technology. Amid these daunting challenges, however, lies opportunity. With the right approach, coordination and tools, providers can mitigate these risks and emerge stronger to deliver better value to their many stakeholders.

Heritage Valley Health System, based in Beaver, Pa., is facing a lawsuit for allegedly using pixel tracking technology on its website that allowed third parties to gain access to some patients' protected health information.

Lawyers for Allentown, Pa.-based Lehigh Valley Health Network filed a court motion stating that lawyers representing a data breach lawsuit filed against them improperly downloaded patient data from the dark web in an "attempt to gain a strategic advantage in the case," The Morning Call reported July 29. 

Ransomware gang Karakurt has allegedly stolen genetic DNA patient records from McAlester (Okla.) Regional Health Center and is planning to auction them off Aug. 1, Cybernews reported July 31. 

Hackers had access to Tampa (Fla.) General Hospital's IT network for three weeks, the Tampa Bay Times reported.

The average cost of a data breach reached a new global high in 2023, but it was still less than half the average healthcare data breach cost, a July 24 IBM report found.

The personal health information of 612,000 Medicare beneficiaries has been breached from CMS contractor Maximus Federal Services.

An employee email account from Sacramento, Calif.-based UC Davis Health was accessed by an unauthorized party, potentially breaching some patients' protected health information. 

Several hospitals and health systems across the U.S. are facing lawsuits regarding data breach incidents that compromised patients' protected health information.