Skip to main content
close search
site logo
Dive Brief

Ransomware, poor security drove spike in healthcare breaches in 2020

Published Feb. 17, 2021
David Jones's headshot
Reporter
Getty Images

Dive Brief:

  • Department of Health and Human Services data shows more than 26.4 million people were impacted by healthcare breaches in 2020, according to a report from cybersecurity firm Bitglass released Wednesday. About 91% of those healthcare records were exposed due to hacking, according to the report.
  • The report shows 67% of all healthcare data breaches were the result of malicious hacking or weak IT security, accounting for 403 of the 599 reported incidents during the year. The 599 incidents represented a 55% increase from year-ago figures.  
  • "These incidents were primarily caused by malware, ransomware specifically," said Kevin Sheu, senior vice president of marketing at Bitglass. "However, in many cases phishing was also employed in order to apprehend sensitive information, gain access to corporate systems or infect users with threats." 

Dive Insight:

The report highlights a growing trend of individuals and organizational hacking groups targeting healthcare providers for access to personal information of patients, access to medical data or attempts to disrupt medical delivery. 

Hackers are motivated to access healthcare organizations because they store protected health information, including medical history, social security numbers and other critical information that patients would not want revealed to the public, according to the report.

The COVID-19 pandemic created demand for additional data, including medical research data and scientific information on vaccines and other medications to fight the disease, according to Charles Herring, co-founder and chief technology officer at WitFoo.

"Nation-state cyberattacks focusing on COVID-19 vaccine research in 2020 showed the race across international borders to establish dominance in intellectual property created through healthcare research," he said via email.

California had the most healthcare breaches during 2020 with 49, surpassing Texas, which had 43 breaches, according to the report. Michigan had the highest number of people impacted by data breaches, primarily due to the September 2020 Trinity Health System breach, which impacted 3.3 million people. 

The Bitglass report comes just weeks after research from VMware Carbon Black showed a surge in ransomware attacks against healthcare targets. More than 239 million hacking attempts were made against VMware Carbon Black healthcare customers during 2020. There were 816 attempted attacks per endpoint, an increase of more than 9,851% from the prior year, according to VMware Carbon Black. 

"Given the critical nature of data at healthcare organizations, they are often a prime target for attacks, as cybercriminals know patient care is on the line and organizations are more apt to pay," Rick McElroy, principal cybersecurity strategist at VMware Carbon Black, said via email.

Filed Under: Breaches, Threats

Editors' picks

Company Announcements

View all | Post a press release
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Mystic Valley Elder Services Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Breaches
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell