By Taylor Armerding
Dec. 20, 2016
And one more thing: It is relatively easy to get. Healthcare organizations do pretty well at keeping their “customers” safe under their care. Unfortunately, they are not so good at keeping those customers’ personal data safe.
That weakness, widely known in the cyber criminal world, is one of the reasons healthcare organizations are such an attractive, and common, target, as multiple organizations have reported.
IBM called 2015 "the year of the health care breach," in its 2016 Cyber Security Intelligence Index.
The ITRC and IDT911 reported in April that while the medical sector ranked second to business in the percentage of breaches reported – 35.4 percent to 40 percent – it was far into first place for the number of records compromised – at more than 113 million, or 66.7% of the total.
David Finn, health IT officer at Symantec, said his firm’s Internet Security Threat Report for 2015 had similar findings – 39 percent of all breaches in 2015 were within health services. “Based on what we have seen on public notifications so far, we would, unfortunately, expect this trend to carry forward in 2016,” he said.
Based on what we have seen … we would, unfortunately, expect this trend to carry forward in 2016.
Actually, according to ITRC, things have improved this year. As of mid-December, while the raw number of breaches increased, the number of medical records exposed dropped dramatically, to about 15.4 million.
That is in significant measure because none of the breaches reported has come even close to the scale of several in 2105, including Anthem (78.8 million), Premera BlueCross (11 million), and Excellus BlueCross BlueShield (10 million). Those three accounted for nearly 90 percent of the total records compromised last year.
Still, the 15.4 million records compromised this year means a lot of lives seriously disrupted. Scott noted that this past June, “the script kiddie 'thedarkoverlord' offered 9.3 million healthcare records on TheRealDeal market on the Deep Web.”
Earlier that month, the same person had offered more than 1 million records from three different organizations – activities documented in an ICIT report in September titled, “Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims.”
Ted Harrington, executive partner at Independent Security Evaluators, added that the success of ransomware attacks against healthcare organizations means more criminals will be drawn to it. While ransomware is not necessarily aimed at stealing data, Harrington said attacks such as those against Medstar and Hollywood Presbyterian, “prove that it is a viable revenue channel for attackers.”
This is not likely to change soon. The reasons why healthcare data remains so accessible to cyber criminals are easily explained but difficult to address.