According to a report by Critical Insight, a cybersecurity company, nearly 50 million Americans were impacted by data breaches in 2022.
The number of breaches dropped from the first half of the year, but the number of individuals affected by those breaches increased significantly in the second half. This article discusses the details of the report and provides insights on how health systems can better protect their patients’ data from cyberattacks.
Overview of the Report
The report states that there were 658 breaches in 2022, which is a decrease from 711 in 2021.
However, the number of Americans affected by breaches has increased from 53.4 million in 2021 to 49.6 million in 2022.
In the second half of 2022, 28.5 million Americans were affected by breaches, which is a 35% increase from the first half of the year.
The report also found that the average health data breach in the second half of 2022 affected more than 91,000 individuals. Health systems have a lot of work to do to protect patient records from cyberattacks, as attackers are becoming more sophisticated in their tactics.
Shift in Attackers’ Focus
The report highlights a shift in attackers’ focus to gain access to health records.
While criminals are still targeting hospitals and healthcare providers, they are also gaining access by going after the other businesses health systems rely on every day, including third-party vendors, accounting, billing, and lawyers. In the second half of the year, more records were exposed due to breaches occurring at business associates (48%) than at healthcare providers (47%).
Over the course of 2022, 71% of all health data breaches occurred at healthcare providers, while 17% of breaches were linked to business associates and 12% came from health plans, according to the report.
Healthcare organizations are paying more attention to the security of data handled by third-party vendors and other business associates, and they are spelling out legal requirements to protect that patient information.
However, it is a challenging task because organizations deal with a lot of third parties, and having the bandwidth to periodically check on them becomes very difficult.
Most Damaging Breaches
The report states that attackers did their most damage by obtaining records from network servers, accounting for 90% of the breached records.
Attackers are apparently finding more success in gaining access to electronic medical records (EMRs).
While breaches involving EMRs were non-existent in the past, the report said 7% of breaches involved EMRs in the first half of the year, and 4% of breaches in the last six months of 2022. For the year, 6 million patient records were exposed due to EMR-related breaches.
Bigger Impact of Breaches
The report highlights that the impact of breaches has grown substantially in recent years. In 2020, 34.4 million Americans had their private information exposed in breaches. There were 662 breaches in 2020, which is virtually the same number as in 2022, but last year’s attacks and breaches affected 15 million more people.
Some breaches are becoming more damaging because attackers are getting more sophisticated. In the past, health systems built defenses against “script kiddies, people that just kind of Googled how to hack something, and they’re looking for commonly known vulnerabilities, but they don’t really know what they’re doing,” says John Delano, a co-author of the report and the vice president of ministry and support services at CHRISTUS Health.
Now, attackers are more sophisticated, making it more challenging to protect against their tactics.
Health systems continue to see breaches occurring through email. In the second half of 2022, 20% of breaches occurred via email, which was down from 30% in the first half of the year. “A lot of organizations do phishing campaigns, and I think that’s helped,” Delano said. “Although phishing campaigns are getting more sophisticated as well. It used to be pretty easy to spot one now. Now it’s a lot more difficult.”
Ransomware attacks continue to frustrate hospitals and health systems. In a recent survey of healthcare IT professionals by the Ponemon Institute, nearly half (47%) said their organizations experienced a ransomware attack in the past two years. More IT professionals are saying the attacks led to complications in patient care, with 45% reporting complications from medical procedures due to ransomware attacks, up from 36% in 2021.
Regal Medical Group, based in California, said last week that a ransomware cyberattack exposed patient information. More than 3 million people could have been affected, according to a database of breaches kept by the U.S. Department of Health & Human Services.
How to Protect Patient Data from Cyberattacks
The Critical Insight report highlights the need for health systems to be proactive in protecting patient data from cyberattacks. Here are some measures that health systems can take to safeguard patient data:
- Implement Multi-Factor Authentication: Multi-factor authentication is an essential security feature that adds an extra layer of protection to prevent unauthorized access to patient data.
- Regularly Train Employees on Cybersecurity: Employees are the first line of defense against cyberattacks, and training them on cybersecurity best practices is crucial to protect patient data.
- Conduct Regular Risk Assessments: Regularly assessing the security risks to patient data can help health systems identify and address vulnerabilities before they can be exploited by attackers.
- Encrypt Patient Data: Encrypting patient data can prevent unauthorized access to sensitive information, making it much harder for attackers to steal data.
- Limit Access to Patient Data: Limiting access to patient data can reduce the risk of a breach occurring. Not everyone in a health system needs access to every piece of patient data.
- Monitor Network Activity: Monitoring network activity can help health systems detect suspicious activity that may indicate an attempted breach.
What is a data breach in healthcare?
A data breach in healthcare occurs when there is unauthorized access to protected health information (PHI). PHI includes any information that can be used to identify a patient, such as their name, address, Social Security number, or medical records.
How do data breaches in healthcare happen?
Data breaches in healthcare can happen in many ways. One common method is through phishing attacks, where attackers send emails or other messages that appear to be legitimate but contain links or attachments that install malware or steal login credentials. Other methods include exploiting vulnerabilities in software or systems or gaining access through third-party vendors.
What are the consequences of a data breach in healthcare?
The consequences of a data breach in healthcare can be severe. Patients’ personal and medical information can be exposed, leading to identity theft, financial loss, and reputational damage. Health systems can also face regulatory penalties, lawsuits, and loss of patient trust.
How can healthcare organizations prevent data breaches?
Healthcare organizations can prevent data breaches by implementing strong security measures, such as multi-factor authentication, employee training, regular risk assessments, data encryption, access controls, and network monitoring.
What should patients do if their data has been breached?
If patients suspect that their data has been breached, they should contact the health system or provider involved and ask for information about the breach. They should also monitor their credit reports and financial accounts for any suspicious activity and consider placing a fraud alert or credit freeze on their accounts.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he holds the CISSP, CISA, CISM, ITIL, COBIT and PRINCE2 certifications, but his knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills in penetration testing, cloud technologies, virtualization, network security, IoT and more.