Data breaches in the healthcare industry could be a substantial threat for the business as well as the patients.
Lately, the healthcare sector is top priority for the cybercriminals and this digital era observes that they are actively selling off healthcare record for high-value profits.
In 2020, there were a total of 599 healthcare breaches which collectively affected over 26 million individuals globally, reveals a recent Bitglass study. It focuses in-depth on the breaches that healthcare organizations faced amid the pandemic.
Security researchers compared the figures with previous years’ and revealed the key trends as well as the cybersecurity challenges facing the sector. The breaches recorded within the DHHS database could be classified into the below mentioned categories –
- Hacking and IT cyber incidents: Data breaches related to malicious attackers and improper IT security – a cybersecurity events lessening from external parties.
- Unauthorized data leak: Unauthorized document sharing of PHI by the internal parties or systems.
- Loss of information or data theft: Breaches that involve the critical loss or theft of the endpoint devices.
- Other: the miscellaneous data breaches and information leaks.
Since 2018, the overall hacking and malicious IT incidents has increased with time, representing that IT resources are progressively used by organizations and targeted by the threat actors. By far, such incidents were the primary cause of healthcare breaches last year.
According to the statistics, the number reached to 403 out of 599 data breaches, which is nearly 67.3%. This is more than three times that of the following category. Besides, hacking and IT incidents led to greater breaches compared to what other categories did.
In fact, it compromised almost 91.2% of all exposed healthcare records – which is about 24.1 million, out of 26.4 million in 2020.
In this digital era, most of healthcare organizations process as well as store protected health information (PHI). This involves the medical history of patients, Social Security numbers, and other personal data. Basically, it is no surprise that such entities would be targeted by the malicious actors who seek to access sensitive data for hefty monetary gain.
Some principal findings from the study are –
- The cost of each breached record increased – from $429 in 2019 to $499 in 2020 (on average). With 26.4 million medical records exposed in 2020, data breaches now cost healthcare organizations about $13.2 billion.
- In addition to hacking and IT incidents, the remaining data breach sets exposed the personal details of around 2.3 million people. This exposed the victims to phishing attack, identity theft, and many other forms of cyber-attacks.
- In 2020, data breach numbers were up spanning the board, with 37 out of 50 US states suffering more breaches as they encountered in 2019. In fact, California had the topmost healthcare breaches in the pandemic time with 49 incidents. It has surpassed Texas, last year’s top victim state. This time it suffered 43 breaches.
- Last year, the average healthcare units took almost 236 days to recover from a cyberattack or data breach.
In this context, Anurag Kahol, CTO at Bitglass, explained in the report – “The exceedingly high number of hacking and IT incidents highlight the shifting strategies of malicious actors. As healthcare organizations continue to embrace cloud migration and digital transformation, they must leverage the proper tools and strategies to successfully protect patient records and respond to the growing volume of threats to their IT ecosystems.”
For more such updates follow us on Google News ITsecuritywire News.