During the first half of 2025, healthcare organizations across the country posted 330 breaches of protected health information (PHI) affecting 500 or more individuals. Consistent with previous updates, rises in unauthorized access or hacking comprised almost all—98 percent—of the breaches. The percentage of breach investigations due to improper disposal, loss, theft, or unauthorized access or disclosure of PHI continues to decrease. For the first time since 2023, loss of PHI was not cited as a cause of a breach investigation.