Healthcare Breaches Still A Top Target In The U.S.
By: Jim Stickley and Tina Davis
September 6, 2019
Healthcare data breaches keep on coming, and a closer look finds they have a lot in common. Statistics for 2019 show trends in how healthcare hacks throughout the U.S. happen. It’s no secret the healthcare industry is a popular target for hackers. Although some argue about the standings, healthcare is consistently among the top targets in the U.S. Hackers are after the many things these data breaches offer, including PHI (Personal Health Information), Social Security, insurance information, and payment card data.
In 2017, 328 healthcare data breaches were recorded, accounting for almost 60% of all breaches in the U.S. that year. Second only to healthcare, technology industries reported a total of 48 breaches that year. That’s a huge difference from first to second place totals. Since healthcare is a favorite target among hackers, is it really a surprise those breaches have so much in common?
So far this year, phishing, ransomware, and misconfigured IT devices are responsible for 51 out of 81 breaches reported to the U.S. Department of Health and Human Services (HHS). HHS keeps a “Wall of Shame” list of the most egregious data breaches reported this year, so far affecting 2.8 million individuals and their PHI. Misconfigured databases and third-party vendor errors are also a common thread in healthcare breaches. Hacking incidents from phishing and ransomware are responsible for the majority of the top five on the Wall of Shame list. Other commonalities among healthcare breaches include those due to theft or loss, unencrypted devices, and unauthorized access and disclosure.
The list below is courtesy of HHS, and includes the five largest healthcare data breaches so far this year: