Attacks/Breaches

5/3/2017
08:00 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
0%
100%

Healthcare Breaches Hit All-Time High in 2016

More than 300 healthcare businesses reported data breaches in 2016, but a drop in leaked records put fewer Americans at risk.

A record-breaking 328 healthcare businesses reported data breaches in 2016, surpassing the record of 268 set one year prior. Healthcare records of about 16.6 million Americans were exposed due to hacks, lost or stolen devices, unauthorized disclosure, and other activity.

It's not all bad news, however. Sixteen million is significantly less than the nearly 35 million leaked records in 2015, which excludes the Anthem breach that compromised the information of nearly 80 million people.

These updates come from the Bitglass 2017 Healthcare Breach Report, which aggregates data from the US Department of Health and Human Services' Wall of Shame -- a collection of breach disclosures mandated under HIPAA -- to identify common causes of data exposure.

Bitglass product manager Salim Hafid says the study was done to analyze the causes of breaches and effects they have on businesses and customers. The factors behind data leakage have changed since 2014, when lost or stolen devices were primary drivers of data exposure.

"In the past few years, unauthorized disclosures, and hacking and IT incidents, have taken hold," Hafid says. "Folks are becoming more aware of the value of healthcare data."

Unauthorized disclosures are typically unintentional, he continues, but increasingly common as applications like Google Drive and Dropbox make it easier for employees to send large amounts of sensitive information to the wrong people.

"The rise in unauthorized disclosure isn't because people are more malicious, but because it's easier to share large volumes of data," says Hafid. "The ease with which you can share is both a positive and a negative."

However, bad actors are also part of the problem.

Hacking has become a bigger problem as a rise in publicized breaches is leading attackers to realize healthcare targets aren't as security-savvy as they once believed, especially when many are adopting mobile and cloud systems to accommodate their employees and patients.

"Businesses are incredibly vulnerable, and they don't have the appropriate security tools in place," Hafid continues. "The ability to access data from a personal device outside the corporate network is becoming more common, and organizations don't have the security to protect that kind of access."

While the industry has consistently seen more breaches year after year, Hafid says the decline in exposed records and affected individuals is a sign businesses are heading in the right direction.

A combination of proactive and reactive measures is essential to mitigate the effects of cyberattacks. Proactive measures, like restricting access to sensitive files and putting firewalls in place, are the primary means of limiting data leakage in the event of a breach.

"I think this is a positive sign and shows organizations are taking big steps," says Hafid of the rise in proactive security. "Even if they can't prevent a hack, they can lessen the effects of the hack."

While it's still early to tell how the rest of 2017 will unfold, he wouldn't be surprised to see the number of breaches continue to grow as attackers aim to capitalize on valuable healthcare data. The number of affected individuals will likely continue to drop as businesses put more security measures in place.

Hafid recommends three steps for businesses working to protect themselves:

    • Identity management: Ensure users are who they say they are. Authentication can prevent breaches caused by compromised credentials.
    • Mobile security: Many businesses let their guards down when it comes to mobile security, says Hafid. It's key to stay vigilant in terms of mobile security and protecting devices within the organization.
    • Encryption and data protection: Take steps to ensure files with sensitive data are encrypted. If data is leaked but protected, businesses still have visibility into who is accessing that data.

Related Content:

Kelly Sheridan is Associate Editor at Dark Reading. She started her career in business tech journalism at Insurance & Technology and most recently reported for InformationWeek, where she covered Microsoft and business IT. Sheridan earned her BA at Villanova University. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
rdmcneely
50%
50%
rdmcneely,
User Rank: Apprentice
5/3/2017 | 11:40:12 AM
Risk Analysis and Risk Management
Interesting article. The suggestions by Mr. Hafid for protecting sensitive data, however, can only be effective if organizations understand where their data is, who has access to it, what the threats and vulnerabilities to it are, what the likeliehood of threat agents exploiting the vulnerabities is, and what the impact of such exploitation might be. That can only be done by carrying out a thorough risk analysis so that when it comes to determining where controls need to be in place and what those controls need to be, responsbile personnel can make solid and informed decisions. Such knowledge, when appropriately applied, will provide for a better protection and defense of personal health information.
3 Ways to Retain Security Operations Staff
Oliver Rochford, Vice President of Security Evangelism at DFLabs,  11/20/2017
A Call for Greater Regulation of Digital Currencies
Kelly Sheridan, Associate Editor, Dark Reading,  11/21/2017
New OWASP Top 10 List Includes Three New Web Vulns
Jai Vijayan, Freelance writer,  11/21/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.