Analecta Cyber Company Blog: Most Healthcare Breaches Are Hacks

2016-04-15

Most Healthcare Breaches Are Hacks

Healthcare breaches were dominated by hacking in 2015, according to a cloud access security study.
In fact, hacking accounted for 98% of data breaches over the course of the whole year. Furthermore, the report indicates an estimated 1 in every 3 Americans had their personal data compromised just in the previous year.

Some of the major healthcare data breaches that happened last year include the Premera Blue Cross hack, which involved roughly 11 million customer records, and the Anthem hack wherein nearly 80 million patient records were leaked.Phishing emails were used as an attack method for these two major breaches.

In a different report for the year 2015, another primary cause of compromised health data was loss and theft of employee devices. These accounted for 140 breaches last year, much higher than 2014 with only 97 incidents all in all.

The data for 2015 appeared to be increasing, both in terms of the number of breaches and its proportion compared to other fields. By taking into account all data breaches, 21% could be traced in the healthcare and medical industry. This percentage was the highest among all the other industries, with a total of 187 incidents, where data breaches happened a year ago. These involved approximately 84.4 million records compromised just in the previous year.

Numbers on the rise

Comparing these numbers for 2014, healthcare data leak accounted for only 5.2% for the second half of the year. A majority of data breaches targeted the retail and financial services industries, more specifically, the banking records of individuals.

Comparing both the first 6 months of 2014 and 2015, the number of data breach incidents increased by 10 % from the prior year, coming to a total of 888 incidents reported. But in terms of compromised patient records, a decrease of 41% was seen for the first half of 2015 compared to 2014, with a total of 246 million records compromised across the globe. This information accessed by attackers was primarily used for identity theft, as indicated in the result of a research study. This accounted for roughly 75% of all records compromised.

With all this information, it is enough to generalize that more effort should be exerted by the medical and healthcare industry; not only to protect patient's records and data but also to mitigate the effects it could generate such as fraud and identity theft.