Attacks/Breaches

5/3/2017
08:00 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
0%
100%

Healthcare Breaches Hit All-Time High in 2016

More than 300 healthcare businesses reported data breaches in 2016, but a drop in leaked records put fewer Americans at risk.

A record-breaking 328 healthcare businesses reported data breaches in 2016, surpassing the record of 268 set one year prior. Healthcare records of about 16.6 million Americans were exposed due to hacks, lost or stolen devices, unauthorized disclosure, and other activity.

It's not all bad news, however. Sixteen million is significantly less than the nearly 35 million leaked records in 2015, which excludes the Anthem breach that compromised the information of nearly 80 million people.

These updates come from the Bitglass 2017 Healthcare Breach Report, which aggregates data from the US Department of Health and Human Services' Wall of Shame -- a collection of breach disclosures mandated under HIPAA -- to identify common causes of data exposure.

Bitglass product manager Salim Hafid says the study was done to analyze the causes of breaches and effects they have on businesses and customers. The factors behind data leakage have changed since 2014, when lost or stolen devices were primary drivers of data exposure.

"In the past few years, unauthorized disclosures, and hacking and IT incidents, have taken hold," Hafid says. "Folks are becoming more aware of the value of healthcare data."

Unauthorized disclosures are typically unintentional, he continues, but increasingly common as applications like Google Drive and Dropbox make it easier for employees to send large amounts of sensitive information to the wrong people.

"The rise in unauthorized disclosure isn't because people are more malicious, but because it's easier to share large volumes of data," says Hafid. "The ease with which you can share is both a positive and a negative."

However, bad actors are also part of the problem.

Hacking has become a bigger problem as a rise in publicized breaches is leading attackers to realize healthcare targets aren't as security-savvy as they once believed, especially when many are adopting mobile and cloud systems to accommodate their employees and patients.

"Businesses are incredibly vulnerable, and they don't have the appropriate security tools in place," Hafid continues. "The ability to access data from a personal device outside the corporate network is becoming more common, and organizations don't have the security to protect that kind of access."

While the industry has consistently seen more breaches year after year, Hafid says the decline in exposed records and affected individuals is a sign businesses are heading in the right direction.

A combination of proactive and reactive measures is essential to mitigate the effects of cyberattacks. Proactive measures, like restricting access to sensitive files and putting firewalls in place, are the primary means of limiting data leakage in the event of a breach.

"I think this is a positive sign and shows organizations are taking big steps," says Hafid of the rise in proactive security. "Even if they can't prevent a hack, they can lessen the effects of the hack."

While it's still early to tell how the rest of 2017 will unfold, he wouldn't be surprised to see the number of breaches continue to grow as attackers aim to capitalize on valuable healthcare data. The number of affected individuals will likely continue to drop as businesses put more security measures in place.

Hafid recommends three steps for businesses working to protect themselves:

    • Identity management: Ensure users are who they say they are. Authentication can prevent breaches caused by compromised credentials.
    • Mobile security: Many businesses let their guards down when it comes to mobile security, says Hafid. It's key to stay vigilant in terms of mobile security and protecting devices within the organization.
    • Encryption and data protection: Take steps to ensure files with sensitive data are encrypted. If data is leaked but protected, businesses still have visibility into who is accessing that data.

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
rdmcneely
50%
50%
rdmcneely,
User Rank: Apprentice
5/3/2017 | 11:40:12 AM
Risk Analysis and Risk Management
Interesting article. The suggestions by Mr. Hafid for protecting sensitive data, however, can only be effective if organizations understand where their data is, who has access to it, what the threats and vulnerabilities to it are, what the likeliehood of threat agents exploiting the vulnerabities is, and what the impact of such exploitation might be. That can only be done by carrying out a thorough risk analysis so that when it comes to determining where controls need to be in place and what those controls need to be, responsbile personnel can make solid and informed decisions. Such knowledge, when appropriately applied, will provide for a better protection and defense of personal health information.
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.