Hackers last year targeted multi-million dollar companies, personal information, bank documents and login credentials. They also expanded their business into the healthcare sector. It is no secret that the world we live in now is seeing ransomware and hacking incidents more than ever and that makes everyone a target.
Healthcare organizations or the Health sector last year alone recorded 233 incidents of a breach, according to reports. The U.S. Department of Health and Human Services stated that they recorded over 3.16 million patient records breached last year.
It will be very cruel for people who are already fighting for their lives to learn that their delicate health information is out there on the open market for everyone to buy since it is the duty of the healthcare providers to protect their personal data from being breached. About 193 incidents of healthcare breaches analyzed, showed June to be the highest month with an unprecedented 52 incidents being recorded. March was the month which saw the most record breaches, with 1,360,961 patients affected.
One of the healthcare breaches, an Australian healthcare saw over 1.3 million records leaked. These records included both medical and personal records belonging to citizens who were donating blood to the Red Cross Blood Service. On the 25th of October last year, an anonymous source uncovered a 1.74 GB file which contained 1.28 million donor records spanning back to 2010.
As if the damage done wasn’t enough, a new report from an information security specialist, Thales e-Security, revealed that 48% of health organizations in the U.S. reported experiencing a form of a breach last year, twice greater than that of two years ago.
56% of these health organizations also claimed they felt very vulnerable to the risk of data breaches. Over 77% also reported suffering at least a breach during last year. These numbers have been identified as the highest ever recorded among all sectors in annual reports.
As to why this is happening is still unknown even though a report has suggested that the healthcare sector is struggling with these breaches particularly because of human errors being committed on a regular basis. Emails being sent to the wrong recipient servers containing detailed information left open to the public, as well as, discharge instructions being given to the wrong patient, highlighted the most frequent errors causing these data breaches.
Some have also attributed the growing risk of breach to the fact that, many healthcare organizations (93%) are now using a cloud, IoT, big data and container technologies containing delicate data. Over 96% also stated that they were using IoT technologies which includes “internet-connected heart-rate monitors, implantable defibrillators, and insulin pumps,” according to the report.
This makes their information more likely to be hacked by cybercriminals as their methods of saving data has made them likely targets. While the dark web is widely known for illicit drugs and illegal sales of firearms, medical records packed with vital data, however, won’t be selling at a cheaper price per record.
Healthcare providers in the U.S. according to the report, have the highest number of respondents who plan to spend more on endpoint and mobile device security, even though they’ve been ranked the least effective in preventing data breaches. Encryption happens to be the first choice for many sectors across the country, including federal, financial, and retail, with 77-89% of these sectors in total.
However, on a positive side, about 84% of healthcare organizations plan on increasing or tightening their cybersecurity in the coming year.
“When it comes to data security, the global healthcare industry is increasingly under duress, which is why some of this year’s findings are so counter-intuitive,” stated Peter Galvin, the chief strategy officer of Thales e-Security.