Harbor, a healthcare organization, experienced a data breach between July 25 and August 1, 2025, when an unauthorized individual accessed and exfiltrated sensitive files from its network. The compromised data varies per affected individual but includes highly sensitive information such as names, addresses, dates of birth, Social Security numbers, driver’s license/state ID numbers, medical diagnoses, treatment records, clinical data, financial account details, and health insurance information. The breach was detected on August 1, prompting an immediate investigation, law enforcement notification, and a review of internal security policies. Harbor is notifying impacted patients, employees, and board members via postal mail. The incident exposes victims to risks of identity theft, financial fraud, medical fraud, and targeted phishing attacks, given the depth of personal and health-related data stolen. The breach underscores significant vulnerabilities in Harbor’s cybersecurity infrastructure, particularly in safeguarding protected health information (PHI) and personally identifiable information (PII).
Source: https://www.13abc.com/2025/09/30/harbor-warns-patients-employees-data-breach/
TPRM report: https://www.rankiteo.com/company/harbor-health-services
"id": "har4702147100125",
"linkid": "harbor-health-services",
"type": "Breach",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 'Patients, employees, and board '
'members (exact number '
'unspecified)',
'industry': 'Healthcare',
'location': 'Toledo, Ohio, USA',
'name': 'Harbor',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Notification letters sent via U.S. Postal Service',
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': ['Name',
'Address',
'Date of Birth',
'Social Security '
'Number (SSN)',
'Driver’s License '
'Number',
'State Identification '
'Number',
'Medical '
'Diagnosis/Treatment '
'Information',
'Clinical Information',
'Financial Account '
'Information',
'Health Insurance '
'Information'],
'sensitivity_of_data': 'High (includes SSN, medical records, '
'financial accounts)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)',
'Financial Information']},
'date_detected': '2025-08-01',
'date_publicly_disclosed': '2025-09-30',
'description': 'Harbor, a healthcare organization, experienced a data breach '
'between July 25 and August 1, 2025. An unauthorized '
'individual accessed and exfiltrated files containing '
'sensitive personal, medical, and financial information of '
'patients, employees, and board members. The breach was '
'detected on August 1, 2025, prompting an investigation, law '
'enforcement notification, and remediation efforts. Affected '
'individuals are being notified via U.S. Postal Service.',
'impact': {'brand_reputation_impact': 'Potential reputational harm '
'(healthcare data breach)',
'data_compromised': True,
'identity_theft_risk': 'High (PII, PHI, and financial data '
'exposed)',
'payment_information_risk': 'Moderate (financial account '
'information may be included)',
'systems_affected': ['Computer network']},
'initial_access_broker': {'high_value_targets': ['Patient records',
'Employee data',
'Financial information']},
'investigation_status': 'Ongoing (as of Sept. 30, 2025)',
'post_incident_analysis': {'corrective_actions': 'Evaluating and updating '
'data privacy/security '
'policies and procedures'},
'ransomware': {'data_exfiltration': True},
'references': [{'date_accessed': '2025-09-30', 'source': 'WTVG (13abc)'}],
'response': {'communication_strategy': 'Press release (Sept. 30, 2025) and '
'U.S. Postal Service notification '
'letters to affected individuals',
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'remediation_measures': 'Evaluating and updating data privacy '
'and security policies/procedures'},
'stakeholder_advisories': 'Press release issued to patients, employees, and '
'board members',
'threat_actor': 'Unauthorized individual (unknown affiliation)',
'title': 'Harbor Data Breach (July-August 2025)',
'type': ['Data Breach', 'Unauthorized Access', 'Data Exfiltration']}