CEOs Comments On Report: Rise In Healthcare Attacks

By   ISBuzz Team
Writer , Information Security Buzz | Feb 19, 2021 09:06 am PST

Researchers with threat protection company Bitglass are reporting that healthcare breaches reported in 2020 increased to 599, a jump of more than 50% compared to the previous year (386). Most of the breaches were caused by hacking and IT incidents, which exposed data from 24.1 million individuals, making them vulnerable to identity theft and phishing attacks. Experts with Gurucul & YouAttest offer commentary.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Garret F. Grajek
February 19, 2021 5:12 pm

<p>The attack on medical institutions for health care identity data has reached crisis proportions. The information is coveted by hackers because of the valuable PII (personal identification information) that can be used to create lines of credit and other valuable financial instruments.   </p> <p> </p> <p>The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) that enforces federal civil rights laws has been issuing substantial fines for not adhering the practice and procedures outlined in the HIPAA regulations. These include:  $2.3m fine to Community Health Systems for a 6.1m data record breach and a $6.85m fine to Premera for a 10.4m breach in records.  Both were cited for failures concerning risk management and access controls.</p>

Last edited 3 years ago by Garret F. Grajek
Saryu Nayyar
Saryu Nayyar , CEO
February 19, 2021 5:08 pm

<p>The recent Healthcare Breach report highlights what security professionals have been saying for a while – healthcare is at serious risk from cyberattack. From an attacker\’s perspective, the healthcare industry is ripe for data theft, ransomware, and hybrid attacks.  The industry faces a number of challenges as well, between internet connected medical devices that vendors aren\’t patching, to healthcare workers who are prime targets for phishing and social engineering, and complex IT and data systems that need to simultaneously comply with HIPPA and related regulations while being able to easily share data across organizations.</p> <p> </p> <p>Organizations need to review their cybersecurity policies, training regimens, and security stacks to make sure they\’re up to date and able to deal with the challenges they face.</p>

Last edited 3 years ago by Saryu Nayyar

Recent Posts

Would love your thoughts, please comment.x