Skip to content

The Biggest COVID-Related Data Breaches (So Far)


Cybercriminals will always adapt to a changing digital landscape. It’s no surprise that the COVID-19 pandemic brought a wave of cyber-attacks and data breaches. Hackers all over the world took advantage of a vulnerable situation. Data breaches nearly doubled in 2020 as a result. Estimates from the Unisys Security Index indicate that there were 192,000 coronavirus-related cyber attacks per week in May 2020 alone.

Although some of the largest data breaches of 2020 had nothing to do with the pandemic, several were linked to the COVID crisis. The biggest COVID-related data breaches involved healthcare systems, unemployment offices, universities, and COVID-researchers.

The following 8 data breaches are the biggest cyberattacks with explicit links to the COVID-19 pandemic (so far).

Blackbaud hospital breach

Most cybersecurity experts consider the Blackbaud incident as the largest healthcare data breach of 2020. The company provides its cloud software to more than 30 hospital systems in the US and over 25,000 non-profit organizations worldwide. When their systems were compromised in August 2020, the fallout was massive. Blackbaud announced that the records of 657,392 people were exposed, including patient information and Social Security numbers. The ransomware attack has led to 20 lawsuits as well.

Zoom credentials hack

As Zoom is a video-conferencing platform that skyrocketed in popularity in the first months of the pandemic, it’s not surprising that it became a target for hackers. At the beginning of April 2020, more than 500,000 Zoom account credentials went up for sale. Zoom didn’t seem to take a major hit, however, as people continued to use it for remote working or connecting with loved ones. Shortly after the credentials hack, Zoom took steps to rectify its security issues as well.

US Small Business Administration

In most countries, the pandemic created an economic crisis as well. The US Small Business Administration (SBA) was just one of several government agencies in the US that offered emergency assistance for either individuals or small businesses. Unfortunately, the SBA suffered a data breach in April 2020, that impacted almost 8,000 applicants for the Economic Injury Disaster Loan program. Names, Social Security numbers, addresses, birth dates, email addresses, phone numbers, citizenship statuses, and insurance information are all the types of information that may have been exposed.

Magellan Health ransomware

The healthcare industry was already a prime target for cybercriminals, but the COVID-19 pandemic made them even more vulnerable to cyber-attacks. Magellan Health became another unfortunate example of the cybersecurity risks that healthcare organizations face. The Fortune 500 company suffered a ransomware attack in April 2020. The hack exposed employee information such as Social Security numbers or taxpayer-identification numbers. As of October 2020, the estimated total number of victims was 1.7 million.

European Medicines Agency

At the beginning of the pandemic, cybercriminals targeted COVID-19 supplies such as face masks and hand sanitizing gel. Once vaccine development began, they aimed at vaccines and vaccine research instead. The European Medicines Agency (EMA), the drug regulator for the European Union, suffered a cyber attack in December 2020. This exposed documents and confidential information related to the Pfizer/BioNTech vaccine. At this point, the Pfizer/BioNTech vaccine was considered a top contender for combatting COVID-19 and was already being administered in Britain.

World Health Organization

As the world’s foremost public health agency, the World Health Organization (WHO) was a big target for cyberattacks in 2020. Hackers targeted both WHO staff as well as individuals by pretending to be WHO officials. They announced a leak of 450 active WHO email addresses and passwords in just one week in April 2020. The organization estimated the number of cyberattacks directed at WHO increased five times compared to the same period last year.

Illinois Department of Employment Security

Unemployment soared in the US as a result of the pandemic. Many state unemployment systems had a hard time keeping up with claims. The Illinois Department of Employment Security rolled out a new system to help process a large number of unemployment claims. Only one day after the new system launched, a “glitch” leaked thousands of records of applicants. The department fixed the issue within an hour, but it’s unknown how many applicants had their information exposed.

The University of California at San Francisco

In the first half of 2020, coronavirus disinformation was rampant. As the world moved closer to developing a vaccine, vaccine research became a bigger target. The University of California at San Francisco (UCSF) School of Medicine’s IT systems were infected with malware in June 2020. UCSF admitted to paying a ransom to salvage data related to their COVID-19 vaccine research.

COVID-19 data breaches

Even as the world starts to get the pandemic more under control, cyber-attacks will not stop. It’s likely hackers will continue to take advantage of the vulnerability created by the world’s largest public health crisis in over a century.

Related Articles

  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety
  • Uncategorized

10 Things to Do Before You Sell Your iPhone

Are you ready to sell or give away your iPhone so you can get a new one…

[Read More]

Why ​​STIR/SHAKEN Might Be a Real Solution to End the Robocall Nightmare

“We’re not going to stop until we get robocallers, spoofers, and scammers off the line.” – FCC…

[Read More]

Biggest Security Vulnerabilities With WordPress Plugins

WordPress powers over 40 percent of the web. The user-friendly content management system allows non-web developers to…

[Read More]

Webcam Spies: Why You Should Cover Your Laptop Camera ASAP

If you’re worried about webcam spies or cyber hackers obtaining your most confidential information, your paranoia is…

[Read More]

Staying Safe While Traveling Internationally

Traveling internationally can be an incredible experience or a long-lasting nightmare. Asher Fergusson has tips to keep…

[Read More]

What Exactly is Freedom of Speech on the Internet?

Friendly Reminder: This article discusses legal terminology, but should in no way be considered legal advice.   America…

[Read More]