YNH A.I CyberSecurity Scoring
YNH
Company Information
Website:http://www.ynhhs.org
Employees number:5,470
Number of followers:63,524
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:ynhhs.org
YNH Risk Score (AI oriented)
Between 600 and 649
YNHHospitals and Health Care
Updated:
04/04/2026
04/04/2026
610/1000
Poor
Caa
YNH Global Score (TPRM)
xxxx
YNHHospitals and Health Care
Score locked

YNHPoor
Current Score
610Caa (POOR)
01000
3 incidents
-17 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
621
JUNE 2026
618
MAY 2026
614
APRIL 2026
613
MARCH 2026
610
FEBRUARY 2026
606
JANUARY 2026
603
DECEMBER 2025
597
NOVEMBER 2025
596
OCTOBER 2025
610
Cyber Attack
27 Oct 2025 • YNH
Yale New Haven Health
Cybersecurity Incident at Yale New Haven Health Affecting IT Services
593
HIGH-17
YAL0952809102725
Yale New Haven Health experienced a cybersecurity incident over the weekend that disrupted IT services across its health system. The organization identified the issue promptly and engaged Mandiant, a cybersecurity firm, to investigate. While the incident did not compromise patient care, electronic medical records, or the patient portal, it caused intermittent internet and application connectivity problems, leading to delays and operational disruptions. Phone and internet connection issues impacted administrative workflows, requiring teams to rebuild access to critical programs. The organization notified federal authorities and assured staff, patients, and the community that updates would be provided as the situation evolved. The focus remains on restoring full system access while minimizing inconvenience to patients and staff.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
SEPTEMBER 2025
608
AUGUST 2025
605
MAY 2025
670
Breach
01 May 2025 • YNH
Yale New Haven Health
Yale New Haven Health Data Breach (2025)
592
CRITICAL-78
YAL0632206103125
Yale New Haven Health suffered a massive data breach exposing the protected health information (PHI) of 5,556,702 individuals, making it the largest healthcare data breach of 2025. The incident compromised sensitive patient records, including medical histories, treatment details, and personally identifiable information (PII). Such a breach poses severe risks, including identity theft, medical fraud, and unauthorized disclosure of confidential health data. The scale of the breach suggests a systemic failure in cybersecurity defenses, potentially due to phishing, unpatched vulnerabilities, or third-party vendor compromises. Given the healthcare sector’s regulatory obligations (HIPAA), the breach will likely result in heavy fines, legal repercussions, and long-term reputational damage. Patients may face targeted scams, blackmail, or discriminatory risks if their medical conditions are exposed. The incident also undermines public trust in digital health systems, possibly leading to patient attrition and financial losses from remediation efforts, lawsuits, and regulatory penalties.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MARCH 2025
775
Breach
01 Mar 2025 • YNH
Yale New Haven Health System (YNHHS)
Yale New Haven Health System Data Breach (March 2023)
666
CRITICAL-109
YAL0932109103125
In March, YNHHS experienced a cybersecurity breach where an unauthorized third party accessed patients’ sensitive data, including demographic information, Social Security numbers, patient types, and medical record numbers. While the breach did not compromise electronic medical records, treatment data, or financial accounts, it exposed personally identifiable information (PII) of patients, leading to a class-action lawsuit. YNHHS agreed to an $18 million settlement fund, with $6 million allocated to attorney fees and $12 million for affected individuals—offering reimbursements up to $5,000 for documented losses or a flat $100 payment. The breach prompted allegations of inadequate security measures and delayed patient notifications. Despite denying liability, YNHHS committed to enhancing cybersecurity protocols to prevent future incidents. The settlement also includes injunctive relief mandating improved data security practices. The breach impacted thousands of patients, risking identity theft and reputational harm to the health system.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for YNH ??
What was YNH's A.I Rankiteo Cyber Score in June 2026 ??
What was YNH's A.I Rankiteo Cyber Score in May 2026 ??
What was YNH's A.I Rankiteo Cyber Score in April 2026 ??
What was YNH's A.I Rankiteo Cyber Score in March 2026 ??
What was YNH's A.I Rankiteo Cyber Score in February 2026 ??
What was YNH's A.I Rankiteo Cyber Score in January 2026 ??
What was YNH's A.I Rankiteo Cyber Score in December 2025 ??
What was YNH's A.I Rankiteo Cyber Score in November 2025 ??
What was YNH's A.I Rankiteo Cyber Score in October 2025 ??
What was YNH's A.I Rankiteo Cyber Score in September 2025 ??
What was YNH's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on YNH's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with YNH ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view YNH's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?