Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

5/3/2017
08:00 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
0%
100%

Healthcare Breaches Hit All-Time High in 2016

More than 300 healthcare businesses reported data breaches in 2016, but a drop in leaked records put fewer Americans at risk.

A record-breaking 328 healthcare businesses reported data breaches in 2016, surpassing the record of 268 set one year prior. Healthcare records of about 16.6 million Americans were exposed due to hacks, lost or stolen devices, unauthorized disclosure, and other activity.

It's not all bad news, however. Sixteen million is significantly less than the nearly 35 million leaked records in 2015, which excludes the Anthem breach that compromised the information of nearly 80 million people.

These updates come from the Bitglass 2017 Healthcare Breach Report, which aggregates data from the US Department of Health and Human Services' Wall of Shame -- a collection of breach disclosures mandated under HIPAA -- to identify common causes of data exposure.

Bitglass product manager Salim Hafid says the study was done to analyze the causes of breaches and effects they have on businesses and customers. The factors behind data leakage have changed since 2014, when lost or stolen devices were primary drivers of data exposure.

"In the past few years, unauthorized disclosures, and hacking and IT incidents, have taken hold," Hafid says. "Folks are becoming more aware of the value of healthcare data."

Unauthorized disclosures are typically unintentional, he continues, but increasingly common as applications like Google Drive and Dropbox make it easier for employees to send large amounts of sensitive information to the wrong people.

"The rise in unauthorized disclosure isn't because people are more malicious, but because it's easier to share large volumes of data," says Hafid. "The ease with which you can share is both a positive and a negative."

However, bad actors are also part of the problem.

Hacking has become a bigger problem as a rise in publicized breaches is leading attackers to realize healthcare targets aren't as security-savvy as they once believed, especially when many are adopting mobile and cloud systems to accommodate their employees and patients.

"Businesses are incredibly vulnerable, and they don't have the appropriate security tools in place," Hafid continues. "The ability to access data from a personal device outside the corporate network is becoming more common, and organizations don't have the security to protect that kind of access."

While the industry has consistently seen more breaches year after year, Hafid says the decline in exposed records and affected individuals is a sign businesses are heading in the right direction.

A combination of proactive and reactive measures is essential to mitigate the effects of cyberattacks. Proactive measures, like restricting access to sensitive files and putting firewalls in place, are the primary means of limiting data leakage in the event of a breach.

"I think this is a positive sign and shows organizations are taking big steps," says Hafid of the rise in proactive security. "Even if they can't prevent a hack, they can lessen the effects of the hack."

While it's still early to tell how the rest of 2017 will unfold, he wouldn't be surprised to see the number of breaches continue to grow as attackers aim to capitalize on valuable healthcare data. The number of affected individuals will likely continue to drop as businesses put more security measures in place.

Hafid recommends three steps for businesses working to protect themselves:

    • Identity management: Ensure users are who they say they are. Authentication can prevent breaches caused by compromised credentials.
    • Mobile security: Many businesses let their guards down when it comes to mobile security, says Hafid. It's key to stay vigilant in terms of mobile security and protecting devices within the organization.
    • Encryption and data protection: Take steps to ensure files with sensitive data are encrypted. If data is leaked but protected, businesses still have visibility into who is accessing that data.

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
rdmcneely
50%
50%
rdmcneely,
User Rank: Apprentice
5/3/2017 | 11:40:12 AM
Risk Analysis and Risk Management
Interesting article. The suggestions by Mr. Hafid for protecting sensitive data, however, can only be effective if organizations understand where their data is, who has access to it, what the threats and vulnerabilities to it are, what the likeliehood of threat agents exploiting the vulnerabities is, and what the impact of such exploitation might be. That can only be done by carrying out a thorough risk analysis so that when it comes to determining where controls need to be in place and what those controls need to be, responsbile personnel can make solid and informed decisions. Such knowledge, when appropriately applied, will provide for a better protection and defense of personal health information.
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.