Data breaches within the healthcare sector in the United States are becoming an alarmingly frequent occurrence, and it’s a trend that demands our attention. According to a recent survey, one in every four individuals has fallen victim to cyberattacks this year, painting a stark picture of the cybersecurity landscape. Atlas VPN, a reputable internet security firm, has shared these concerning statistics, revealing that in the third quarter of 2023 alone, approximately 45 million patients’ data was compromised. This marks a significant increase compared to the 37 million affected last year.
The Widespread Impact
This growing concern has not escaped the notice of the US Department of Health and Human Services. Their findings indicate that nearly 43 out of 50 states have been targeted by hackers. Unsurprisingly, California and New York hold the unenviable first and second positions on the list, closely followed by Texas, Massachusetts, and Pennsylvania.
Vermont: The Exception
Remarkably, there is one state that remains untouched by healthcare data breaches – Vermont. In an increasingly treacherous cyber landscape, this anomaly is noteworthy and raises intriguing questions.
The Motivation Behind the Attacks
For those wondering why hackers are increasingly focusing on health data, the answer lies in the data’s value on the dark web. Healthcare information has become a prime target for cybercriminals due to its high market value.
According to a 2021 survey by IBM, a set of 1,000 patient records, containing medical history, contact information, and phone numbers, can fetch as much as $120. Bulk data sets, enriched with additional details like dates of birth and Social Security numbers, are in particularly high demand.
In 2023, a staggering 480 breaches were reported in the first three quarters, marking a significant increase from the 373 recorded in the previous year. The breach at HCA Healthcare stands out as the most impactful, compromising data from 11 million patients. It was closely followed by the breach at Managed Care of North America, where the data of approximately 8.9 million dental patients was stolen earlier in the year.
The escalating number of data breaches in the healthcare sector is a cause for concern. It’s imperative for healthcare institutions to take a proactive approach to data security. This involves not only safeguarding sensitive patient information but also taking steps to stay ahead of the ever-evolving tactics of cybercriminals. In the digital age, data security is not just a responsibility; it’s a necessity.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.