Amongst the chaos the COVID pandemic caused everyone, hackers and other malicious actors took advantage of it to do serious damage, especially to the very vulnerable healthcare field.
Healthcare and related services are particularly vulnerable to hacks and breaches. They retain Protected Health Information such as private healthcare information as well as Personally Identifiable such as driver’s licenses and credit cards. 2020 showed that a Pandemic did not slow this down. According to The Tenable Research 2020 Threat Landscape Retrospective, 2020 was the worst year on record for healthcare related cyber breaches with a total 536 reported, topping 2019 which was already seen as a bad year. 2021 is already shaping up to be worse with 56 reported breaches in the first quarter alone. Of the 22 Billion records fraudulently accessed or compromised in 2020 the majority were in the health care field.
Many reasons were cited for the increase. Chief among them was the sudden change to remote desktops. These desktops would not have the same amount of security as an office VPN. Another factor is the increasing value of these files, with some experts putting the projected value of $150 per file stolen. As a result, ransomware, which locks these records until money is paid out, accounted for 54% of the healthcare cyber breaches.
Another trend that dovetails into this is the new standard practice of exfiltrating target files before locking systems down with ransomware attacks, something that was not common until fairly recently.
The average data breach cost has also gone up across the board in the past year, but particularly so for the medical industry. Healthcare data breaches cost an average of $7.13 million, nearly double the $3.86 million average cost for all industries. These breaches usually have more costly cleanups due to the amount of highly sensitive personal information that is leaked, combined with more expensive fines due to special regulations for records handling in patient care facilities (such as HIPAA). [1]
Breaches are happening more and more and the costs of covering them are becoming substantial. The best weapon against such breaches is diligence, training, and preparedness.
For more information on our Cyber Policies: (Link)
[1] https://www.cpomagazine.com/cyber-security/rise-in-healthcare-data-breaches-driven-by-ransomware-attacks/
