Healthcare Data Leaks in 1st Half of 2021: Cases with More Than 10K Individuals Affected
According to Market Data Forecast, the North American healthcare market was worth $3.13 billion in 2020 and is set to reach $11.4 Billion by 2025. This makes the healthcare industry a very lucrative target for threat actors.
As a result of cybercriminals taking advantage of the COVID 19 pandemic, we’ve seen an increase in hacking incidents, including ransomware attacks and phishing scams directed toward the healthcare sector. In 2020, there was a 58% increase in the number of confirmed data leaks in the healthcare industry. In total, these incidents exposed almost 12 billion pieces of protected health information (PHI).
The US Department of Health and Human Services Leak Portal recorded 325 new data leaks affecting at least 500 pieces of PHI in the first half of 2021 alone.
Cybercriminals are generally interested in getting hold of records from medical providers which they can either sell or use to commit fraud. In some instances, attackers have gathered healthcare information and filed for insurance claims or obtained expensive medical services and medications under a victim’s name.
See if your email address is pwned
Causes of healthcare data leakes
A total of 235 (72%) of the total number of data leaks reported were the result of hacking/IT incidents such as a compromised network server or hacked email accounts.
Hacking incidents accounted for 96% of all the records leaked in the first half of 2021. There were 71 (22%) unauthorized access incidents reported, and more than 730,000 records were leaked in those incidents. Theft, data loss, and improper disposal resulted in the leak of almost 120,000 individuals’ healthcare records.
Largest data leaks (1st half of 2021)
The table below shows the list of notable data leaks affecting more than 100,000 people in the first half of 2021. Thirty (98%) of these major data leaks were hacking incidents while the other two (affecting the Wyoming Department of Health and Med-Data Incorporated) involved unauthorized access or disclosure.
The largest data leak incident affected the Florida Healthy Kids Corporation and resulted in the exposure of 3.5 million pieces of personal healthcare information.
|Name of Entity
|Florida Healthy Kids Corporation
|20/20 Eye Care Network, Inc
|NEC Networks, LLC d/b/a CaptureRx
|The Kroger Co.
|American Anesthesiology, Inc.
|Personal Touch Holding Corp.
|Health Net Community Solutions
|Wolfe Clinic, P.C.
|Health Net of California
|Bricker & Eckler LLP
|Orthopedic Associates of Dutchess County
|Health Center Partners of Southern California
|Total Health Care Inc.
|Rehoboth McKinley Christian Health Care Services
|Woodcreek Provider Services LLC
|Northwestern Memorial HealthCare
|Trusted Health Plans, Inc.
|Roper St. Francis Healthcare
|Wyoming Department of Health
|Apple Valley Clinic
|Five Rivers Health Centers
|HME Specialists, LLC dba Home Medical Equipment Holdco, LLC
|Health Aid of Ohio, Inc.
|SEIU 775 Benefits Group
|Saint Alphonsus Health System
|San Diego Family Care
|The Centers for Advanced Orthopaedics
|Cancer Treatment Centers of America at Midwestern Regional Medical Center
|BW Homecare Holdings, LLC d.b.a. Elara Caring
The increasing number of cyberattacks will be a great challenge to the healthcare sector and this is expected to continue to post-pandemic time. With the healthcare sector continuing to move toward a consumer-centered model where people can shop for healthcare products using an endless array of apps and services, more and more personal healthcare information is becoming at-risk because the apps and services require the input of personal data to function.
How Trend Micro can help
Use Trend Micro™ ID Security to find out if your information was leaked in a data leak.
Trend Micro ID Security includes:
- Email Checker: Monitors whether your email account has been involved in a leak
- Credit Card Checker: Finds out if someone has stolen your credit card number due to a leak
- Password Checker: Verifies if you have used a password currently in circulation on the dark web
- Dark Web Personal Data Monitor: Scans the dark web for sensitive personal data such as your bank account number, driver’s license data, social security number, and passport details
Scan the QR code below to download Trend Micro ID Security for Android/iOS now:
Or click the button for more information about Trend Micro ID Security:
You Might Also Be Interested In...
Get all the latest cybersecurity news