2016 Healthcare Data Breaches

Uploaded on 2017-02-24 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

While the business sector led the way in reported data breaches for 2016, healthcare came in second by accounting for 34.5 percent of overall reported breaches, according to research from the Identity Theft Resource Center (ITRC) and CyberScout.

As healthcare IT continues to evolve, the executive suite is also expanding and becoming more intricate. Individuals in leadership positions need to keep data privacy and security issues top priorities, especially as healthcare remains a target for cyber criminals.

The business industry had a total of 494 reported data breaches, while there were 377 reported healthcare data breaches. Education came in third with 98 incidents, while the government/military had 72 reported breaches.

One of the leading causes for healthcare data breaches was employee error or negligence, with 43 reported incidents that exposed 1,183,893 records. In comparison, the second leading sector for employee negligence was the government/military, which had 14 breaches and exposed 35,800 records.

Subcontractors, third parties, and business associates were also a top factor for healthcare data breaches, the report found. The medical/healthcare industry had 16 breaches due to a subcontractor or third party, but approximately 4 million records were exposed. The government/military had the second highest amount of records affected with 95,463.

"For businesses of all sizes, data breaches hit close to home, thanks to a significant rise in CEO spear phishing and ransomware attacks,” CyberScout CEO and Vice Chair of IRTC’s Board of Directors Matt Cullina said in a statement. “With the click of a mouse by a naïve employee, companies lose control over their customer, employee and business data. In an age of an unprecedented threat, business leaders need to mitigate risk by developing C-suite strategies and plans for data breach prevention, protection and resolution."

Healthcare data breaches also exposed the most Social Security numbers, with 10.4 million records put at potential risk. There were 123 breaches that may have exposed SSNs, the report found, accounting for 11.3 percent of reported breaches.

SSN exposure was a leading concern for all industries, with 52 percent of the overall number of breaches in 2016 potentially putting SSNs at risk. This was an 8.2 percent increase from the number of exposed SSNs in 2015. Researchers noted that this increase aligns with the increase of CEO spear phishing attacks.

HealthSecurity 1:       HealthSecurity 2:

Healthcare Industry Lacks Basic Security Knowhow:

 

« Cybersecurity In 2017: Recruitment Is The Key
Warning: Fake Ransomware »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) - University of Kent

Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) - University of Kent

KirCCS harnesses expertise across Kent University to address current and potential cyber security challenges.

International Association of Professional Security Consultants (IAPSC)

International Association of Professional Security Consultants (IAPSC)

Members of the IAPSC represent a unique group of respected, ethical and competent security consultants.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

Positive Technologies

Positive Technologies

Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection.

Cyberint

Cyberint

Cyberint, the Impactful Intelligence company, fuses open-deep-and darkweb Threat Intelligence with Attack Surface Management to deliver maximum protection from external threats.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

VADO Security Technologies

VADO Security Technologies

VADO Security enables the safe transfer of data between low & high security networks.

VigiTrust

VigiTrust

VigiTrust is a security firm specializing in cloud based eLearning programs, security compliance portals and providing security assessments.

Office of the Government Chief Information Officer (OGCIO) - Hong Kong

Office of the Government Chief Information Officer (OGCIO) - Hong Kong

OGCIO supports the development of community-wide information technology infrastructure and setting of technical and professional standards to strengthen Hong Kong’s position as a world digital city.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

SecureDrives

SecureDrives

Passwordless Authentication & Encrypted Data Storage Solutions from SecureDrives. We are enabling organisations to work safely and securely, using technology driven solutions.

INVISUS

INVISUS

INVISUS protects businesses against the latest cyber risks – including business and employee identity theft, data breaches, and cybersecurity compliance.

Ermes

Ermes

Ermes – Intelligent Web Protection provides companies with a solution that effectively secures them against web threats.

Auxilion

Auxilion

Auxilion is an award-winning provider of consulting and IT support services, technologies and consulting for public and private organisations in the UK and Ireland.

Cyber Explorers

Cyber Explorers

Cyber Explorers is a fun, free and interactive learning platform for future digital superstars. An exciting addition to UK curriculum delivery or after school activities.