A recent report has stated that patient records affected by health data breaches have hit a four-year low in 2017. Unfortunately, while these findings are promising, the number of breach incidents remains steady and continues to represent a constant threat to patient data security. There also seems to be a continuing trend in which health data breaches that have affected the most patient records in a given month are the result of hacking while breaches that have taken the longest to detect are the result of insiders. February continues this trend, with a ransomware attack responsible for the largest single incident of the month and an insider-error incident that continued for over four years before it was detected by the healthcare organization. There was also one incident that was the result of insider-wrongdoing, and this particular case highlights just how insidious insider-wrongdoing breaches can be.