For the fourth year in a row, the healthcare sector reported the largest number of data breaches, according to Symantec's 2015 Internet Security Threat Report.
Healthcare experienced 116 data breach incidents in 2014 — 37% of all reported incidents. Through those 116 healthcare data breaches, more than 7 million identities were exposed.
Symantec reported that it saw a 25% increase in the number of healthcare data breaches in 2014 — two percentage points higher than the rate across all industries. According to the Norton Cybercrime Index, 44 percent of healthcare breaches were the result of lost or stolen devices —a 10% percent increase over the previous year.
Healthcare data breaches that were the result of attacks were up 82 percent in 2014. The number of healthcare data breaches attributed to insider theft nearly doubled in 2014. The number of identities being accidentally exposed publicly as the result of error was also up approximately 11% in 2014.
Here are some noteworthy observations on healthcare cybersecurity from the report:
"Too many healthcare organizations are still underinvesting in cybersecurity, making them an easy target for cybercriminals’ increasingly sophisticated and targeted attacks." — Axel Wirth and David Finn
"...targeting patient medical information for purposes of medical identity theft, financial fraud, or health insurance fraud has become an increasing problem." — Axel Wirth and David Finn
"Neither location nor size provides any protection, as in the case of a 22-bed rural community hospital in Southern Illinois, which received stolen patient data in an email with the request to pay a ransom or the information would be made public." — Axel Wirth and David Finn
"Another situation that many healthcare providers struggle with are poorly patched devices, often running end-of-life operating systems. These highly vulnerable devices are a problem not because they are targeted, but because of their susceptibility to common malware." — Alex Wirth
"Breach numbers in healthcare are high and they are trending up."
"Unfortunately, for the most part, the healthcare industry is not prepared to face today’s cybersecurity risks..." — Axel Wirth and David Finn
Worried about your organization's susceptibility to cyber attacks and data breaches? Contact PriorityOne Group today to learn how we can help protect your business from cyber criminals.