Home News 70% of the U.S. Population Affected by Health Care Data Breaches

70% of the U.S. Population Affected by Health Care Data Breaches

Cyberattack on Ireland's Health care

Health care providers have been the primary targets of cyberattacks, with several data breaches and ransomware attacks making headlines in the last few years. Health care organizations have suffered the highest number of cyberattacks than any other sector in the U.S.

According to a survey from privacy website PrivacyAffairs.com, health care data breaches increased by 2,733% between 2009 and 2019 in the U.S., at an average of 1.4 breaches exposing at least 500 records per day. The survey “U.S. Healthcare Data Breach Statistics” revealed over 3,054 data breaches of health care records over the past decade.

Large Amount of Compromised Data

The survey highlighted that 70% of the U.S. population is affected by health care data breaches, with over 230,954,151 health records lost, stolen, or exposed in various security incidents. It is found that 2018 and 2019 witnessed a sharp increase in the number of individuals affected by health care data breaches, with a six-fold increase between 2017 and 2019.

Biggest Health Care Breachescription

The ten biggest health care data breaches of the past decade according to the study include:

Organization             Individuals Affected                               Year
Anthem Inc. 78,800,000.00 2015
Premera Blue Cross 11,000,000.00 2015
Laboratory Corporation of America Holdings dba LabCorp 10,251,784.00 2019
Excellus Health Plan, Inc. 10,000,000.00 2015
Community Health Systems Professional Services Corporations 6,121,158.00 2014
Science Applications International Corporation (SAIC) 4,900,000.00 2011
Excellus Health Plan, Inc. 10,000,000.00 2015
University of California, Los Angeles Health 4,500,000.00 2015
Community Health Systems Professional Services Corporation 4,500,000.00 2014
Advocate Health and Hospitals Corporation, d/b/a Advocate Medical Group 4,029,530.00 2013
Medical Informatics Engineering 3,900,000.00 2015

escription

Vulnerable Systems

Majority of the hospitals are vulnerable to cyberattacks as many of them are using outdated computers and connected medical devices. Most of the hospital security teams neglect known vulnerabilities leaving them unpatched.

“A huge number of modern medical devices rely on networking in order to relay information and work together. Like using a smartphone to control your thermostat, hospitals increasingly rely on IoT for improved patient care. Due to the vast number of connected devices in hospitals, the logistical challenge for IT teams is often too great for proper cybersecurity maintenance. Add to this that medical devices are not usually built with security baked in, and it’s easy to see why medical devices are often used as an entry point for an attacker to gain access to a healthcare provider’s network,” the survey report stated.