Healthcare Sector Accounts For 43% Of UK Data Breaches

The UK health sector suffered a disproportionate number of data breach incidents between January 2014 and December 2016. In total, healthcare organisations reported 2,447 incidents, 43% of all incidents reported in that period.

By comparison, the second-highest sector was local government, with 642 reported incidents, an 11% share. The data, received from the Information Commissioner’s Office (ICO), also shows that human error accounts for almost half of these incidents across every sector.

Analysis of the data found a clear spike in data breach incidents within UK healthcare organisations. Comparing the last quarter (October to December) of each of the past three years, healthcare organisations consistently topped the list for data breach incidents. The number of incidents also rose year on year, a 20% increase from 184 incidents in the last quarter of 2014 to 221 in the last quarter of 2016.

Critically, the findings show that many of these incidents are attributed to human error rather than to external attack. Taking the 221 incidents occurring between October and December 2016, the top-ranking incident types were:

1. Theft or loss of paperwork – 24%
2. Other failure – 22%
3. Data faxed/posted to incorrect recipient – 19%
4. Data sent by email to incorrect recipient – 9%
5. Failure to redact data – 5%

A new report from Vectra Networks into cyber security trends shows healthcare to be the most frequently targeted industry, with 164 threat detections per 1,000 host devices.

The next most targeted sectors are education and media, with 145 and 123 detections per 1,000 host devices respectively. By comparison, the food and beverage industry was the least targeted, with just 17 detections per 1,000 hosts.

The Vectra Networks study, presented recently at the Infosecurity Europe event, finds that attack rates are increasing, with the average number of reconnaissance, lateral movement and exfiltration detections all up by more than 265 percent.

Media organisations experienced the highest rate of exfiltration, with 34 detections per 1,000 host devices. This is likely attributable to the sector’s decentralised supply chain, made up of small businesses with limited IT staff.

The entertainment industry experienced above-average rates of all five attack behaviours measured. Only the food and beverage industry experienced below-average detections for every activity measured.

Reconnaissance detections were up by 333 percent compared with 2016. Internal reconnaissance, scanning the network for reachable hosts and services, precedes lateral movement in self-propagating ransomware campaigns, so the sharp increase in detections may be an early indicator of attacks such as WannaCry, which spread by scanning for other vulnerable hosts.

The finance and technology sectors proved the most resilient, with below-average detection rates of 37 and 38 detections per 1,000 hosts respectively. The report reads this as evidence of stronger policies, mature response capabilities and better control of the attack surface.

Recent Events

“Following the WannaCry exploit, the vulnerability of the healthcare industry, and the critical importance of improving its cyber-security, has come into sharp focus,” said Tony Pepper, CEO and co-founder of Egress Software Technologies. “While it’s clear there is a security problem in healthcare, these figures show that it is as much about internal activity as external threat.

“There’s no doubt that someone inadvertently emailing a spreadsheet containing sensitive patient details to the wrong person isn’t as good a headline as a ransomware attack, but that does not diminish the threat it poses.”

While healthcare had the highest volume of incidents, other sectors are increasing more rapidly. Across all sectors, the total number of security incidents reported has increased by almost one-third (32%) since 2014.

The courts and justice sector has experienced the most significant increase, a 290% rise since 2014, placing it among the five worst-affected sectors by the last quarter of 2016.

Other significant increases can be seen in central government and finance, up 33% and 44% respectively.

The ‘human element’ – where internal staff have made mistakes – accounted for almost half of all data breach incidents: 44% in October to December 2014, 43% in the same quarter of 2015 and 49% in 2016. Within the human-error category, data shared in error is the single largest contributor every year, causing roughly one-third of incidents.

“We are all aware that security incidents are rising, but many may not suspect how large a proportion of these are down to error and lack of control over sensitive data,” continued Pepper.

“What the information from the ICO makes clear is that all businesses need to do more to better protect sensitive information. Meeting this challenge requires a combination of improved employee training and the communication of risks, and the deployment of the right technologies to minimise the number of opportunities available for human error to take hold.”

Sources: Information Age; Beta News
