According to Protenus’ Health Care Breach Barometer, the Healthcare industry experienced a reported 31 data breach incidents during the first month of 2017.
Of those data breaches over half of the compromised patient healthcare records that were lost in January were exposed as a result of either malicious of unintentional action by an insider.
While 388,307 patient records were exposed, that’s still a significant decrease from the December 2016 figure totaling in at 1.4 million records compromised.
Nine of the 31 breaches were the result of insider threats, with five involving malicious actions conducted by a worker and the remaining four were from simple human errors that resulted in compromised data. These insider threat breaches accounted for 59.2% of January’s data breaches, or roughly 230,044 records.
Twelve of the January insiders were the result of a healthcare facility being hacked, resulting in 145,636 records being compromised. Each of these hacking attempts came from different sources, but one was an extortion attempt from TheDarkOverlord. Another attacker was not looking for financial gain but instead interfered with a healthcare facility’s ability to access data for marijuana records and prescriptions.
Once hackers gain access to sensitive healthcare information, just about anything can be done. Hackers target these institutes in specific because they carry so much different information on patients. Financial and banking information, insurance information, healthcare information, and all that information can be used to commit identity fraud. That’s why it’s so important to have Host Intrusion Detection measures in place while also abiding by the HIPAA HITECH security controls.