Call Us For A AreWeAFit Consultation (954) 507-3475
Giaspace | IT Services Fort Lauderdale & Miami
Get An Estimate

May brought a major healthcare breach in New York involving biometric data, a community radio station pushed off the air after a cyberattack drained its finances, a 7-Eleven breach tied to Salesforce-stored records, and Verizon’s biggest annual breach report landing right in the middle of it all (because apparently May was feeling ambitious).

Here’s what happened, and what it means for your business.

The Biggest Story: New York’s Public Healthcare System

This is one of the largest breaches of 2026, and hackers stole personal and medical data along with biometric scans including fingerprints, making it different from most. Biometric data cannot be changed the way a password or a credit card number can. Once it is out, it is out permanently (which is a sentence worth sitting with for a moment).

The Privacy Guides breach roundup flagged this as one of the most significant incidents of the year, affecting at least 1.8 million people. The investigation is ongoing and the full scope of affected individuals has not yet been disclosed.

The Takeaway:

If your business handles patient data, biometric data, or anything else people really cannot afford to have exposed, your security posture needs to reflect that. “We thought the vendor had it covered” is not going to be a comforting sentence later.

The Breaches

1. DaVita: Ransomware Hits a Healthcare Giant

DaVita, one of the largest kidney care providers in the US, reported a ransomware attack that hit its internal operations and primarily affected its laboratory systems. DaVita is still investigating the full scope.

2. 7-Eleven: 600,000 Salesforce Records Stolen

7-Eleven confirmed a breach involving systems used to store franchisee application documents. ShinyHunters claimed it stole more than 600,000 Salesforce records containing personal and corporate data, but 7-Eleven has disclosed very little so far about the full scope or total number of affected individuals (always reassuring when the details are vague).

3. Anne Arundel Dermatology: 1.9 Million Patients

Anne Arundel Dermatology notified 1.9 million individuals that their personal and medical information was compromised, including names, Social Security numbers, and health information. A dermatology appointment with some very long-lasting consequences.

4. Tampa Bay Dental: A Florida Breach Worth Noting

Tampa Bay Dental Implants and Prosthetics, in the St. Petersburg area, disclosed a breach after TridentLocker ransomware hit its systems. This attack affected 6,400 individuals’ data, including names, contact information, birth dates, treatment notes, and clinical histories, with Social Security numbers exposed for some patients.

5. Ocean City Radio: A Cyberattack That Ended a Business

Ocean City Radio suffered a cyberattack so financially devastating it was forced to shut down permanently on May 12. The business did not survive the recovery costs. For small businesses, this is the reminder that a cyberattack is not always something you recover from.

6. Heritage Bank: 182,793 Customers

Heritage Bank revealed unauthorized access between March and April 2026 affecting 182,793 individuals, a two-month window before detection, which is two months longer than it should have been.

What May Is Telling Us

The Verizon 2026 DBIR dropped this month and confirmed what the breach list already shows: 96% of ransomware victims were SMBs, third-party incidents jumped 60%, and vulnerability exploitation is now the number one breach entry point. Ocean City Radio reminds us that the cost of a breach is not just the ransom; it is everything that follows.

Ask yourself the same three questions we come back to every month:

  1. Are your critical vulnerabilities being patched within hours of disclosure, not weeks?
  2. Do you know which vendors and third parties have access to your systems right now?
  3. Would your business survive the full cost of a recovery if something hit today?

If any answer is uncertain, that is where to start.

The businesses that don’t get breached aren’t lucky; they are prepared.

→ Schedule Your Free Security Assessment with Rob

→ Learn More About Our Managed Security Services

Published: May 28, 2026

Need IT Support for Your Florida Business?

GiaSpace provides proactive managed IT services, cybersecurity, and local tech support across Florida — with teams in Gainesville, Fort Lauderdale, Jacksonville, and Ocala.

Managed IT Services FloridaCybersecurity Services FLGainesville IT ServicesFort Lauderdale IT Services
author avatar
Gabriela Noce
Gabriela Noce is the Chief Marketing Officer at GiaSpace, leading branding, digital strategy, and performance marketing to drive business growth. With expertise in content marketing, SEO, and creative campaigns, Gabriela translates complex IT topics into clear, relevant content for business leaders. She brings a data-driven mindset to ensure GiaSpace's messaging is helpful and client-focused.
See Full Bio
social network icon

Latest Blog Posts

Your May 2026 Data Breach Roundup

Your May 2026 Data Breach Roundup

Read More
How CPAs Are Using Claude to Work Smarter in 2026

How CPAs Are Using Claude to Work Smarter in 2026

Read More
The 2026 Verizon DBIR: The Numbers Every SMB Should See

The 2026 Verizon DBIR: The Numbers Every SMB Should See

Read More
Read The GiaBlog

GiaSpace's Proven Track Record Of Success

Mickey Truck Bodies

Mickey Truck Bodies

Read More
ECI Pharmaceuticals

ECI Pharmaceuticals

Read More
FiscalChimp Accounting

FiscalChimp Accounting

Read More
Cain Food Industries, Inc.

Cain Food Industries, Inc.

Read More
Read More Case Studies

Proven IT Results, Verified by Reviews

Get IT Help Now