Nearly 50 million people have lost their personal health data to a breach just in 2021, according to a new analysis of HHS stats from Politico.
Another analysis found that the average data breach in 2021 has cost healthcare organizations about $9.23 million.
Even the healthcare industry breaches don't tell the whole story: Breaches are a problem across the business world, with a total of 5.9 billion accounts targeted in data breaches last year.
Hacks Are Rising Fast
Hacks are behind almost 75% of all breaches, an amount up sharply since the 35% of breaches that hacks comprised in 2016. Healthcare is one of the biggest targets for hackers and cybersecurity breaches, due in part to the large databases of sensitive health information they carry that can be used for fraud or identity theft.
What other causes could be behind the rise in recent years? Politico has a few suggestions:
“Experts say the increased hacking can be attributed to the health care industry’s rapid move to digital, particularly amid the Covid-19 pandemic; an increase in remote work, which allows more avenues for attacks with employees using more personal devices; the financially lucrative information for cybercriminals in health care; and greater awareness of attacks across the industry, thus more reporting.”
The Internet of Things and Healthcare
While the Politico analysis doesn't mention IoT devices, the jump from 35% of breaches being because of hacks in 2016 to nearly 75% in 2021 does correlate loosely with the dominance of IoT tech, and warning signs of the industry's poor security protocols have been around for years.
One 2017 study found that more than 70% of healthcare IT network providers think that traditional security solutions will work just well for IoT connected medical devices as they do for laptops and servers — which they don't. Plus, 90% of healthcare networks are connected to IoT devices.
Whether or not the internet of things was involved, though, it's clear that hackers are more prevelant and active than ever in 2022.
Healthcare isn't alone: We saw a grand total of 1,767 publicly reported data breaches across just the first six months of 2021, which added up to the exposure of 18.8 billion records. What's the solution?
Companies should invest in password management tools for all employees, as this fights back against phishing attempts by flagging unsafe websites. VPNs wouldn't hurt, either, although they're less useful against phishing hacks. Finally, a company with a remote or hybrid workforce might need a good remote access software, so that trusted IT teams can handle employee security issues even while across the globe.