May 12, 2015
Healthcare providers and health systems, beware.
According to a recent study,* cyberattacks against the U.S. healthcare system have more than doubled in the past five years—and it won’t stop there.
Instead of going after retailers and financial firms as they have in the past (see New Cyberattack Targets 1,000 Major Networks – and Probably More and Recent Cyberattack Calls Device Unlocking Policies into Question), hackers are now targeting healthcare providers for their valuable medical records.
The reason? Experts say that medical records can sell for as much as 20 times the price of a stolen credit card number,* as they often contain Social Security numbers, insurance IDs, addresses and medical details.
For hackers, that could mean taking out a loan, opening a line of credit, or even receiving free medical care using a victim’s insurance ID. And from there, the data can be resold on private forums on the “black market” of the internet—what experts call the “dark web.”*
Overall, the theft and sale of medical records is a growing market. According to the Department of Health and Human Services, the health records of 88.4 million people were stolen in 2014—about twice as many as in 2010.
And what’s more, experts say that the cybersecurity world is likely only aware of a small fraction of the total theft happening every day.
Meanwhile, half of the healthcare organizations surveyed* admitted to insufficient protection against cyberattacks, whether in the form of technology or personnel to adequately handle a data breach. Furthermore, as organizations make the modern transition from paper-based to automated systems, their vulnerability grows.
In early 2015, Anthem—the second largest U.S. health insurer—became the victim of a massive cyberattack that exposed personal information from millions of consumers (for more information, see Fortify Your Security in 6 Steps, as well as advice to ensure that your information is secure as possible).
According to the study, almost 90 percent of healthcare providers were the victims of cyberattacks in the last two years, with the average data breach leaving a hospital with $2.1 million in costs.
Moreover, half of these data breaches were reportedly criminal in nature.*
As cyberattacks become more rampant and hackers become savvier, the healthcare industry is finding itself in a dire situation.
For more information, check out how network teams are handling enterprise security, as well as compelling reasons why you shouldn’t overlook enterprise security.