The exploitation of healthcare facilities by cybercriminals has trended upward since the start of the pandemic. We are constantly hearing about new healthcare data breaches in the news. But why are cybercriminals targeting them?
Cybercriminals are determined to breach hospitals and healthcare providers to gain access to personally identifiable information (PII) as leverage for ransom payments and other malicious acts.
In the past decade, over 314 million healthcare records were either stolen, lost, or exposed via cyber-attack. To put that into perspective, the U.S. population is a little over 332 million people.
Hackers are taking advantage of these overly taxed systems and preying on healthcare providers. Below are five key healthcare data breaches that occurred over the past year and what we can learn from them.
Adaptive Health Integrations Data Breach
Adaptive Health Integrations is a North Dakota-based company that provides billing, revenue, and LIS software services for laboratories. Their system suffered an hacking incident that affected over 500,000 individuals’ sensitive data stored on their network. The company contained the breach by disabling unauthorized access to their network and immediately opened an investigation. Ultimately, the healthcare provider reported that only a limited amount of data was accessed.
Eye Care Leaders Data Breach
Eye Care Leaders, a company offering ophthalmology-specific EMR solutions, encountered a data breach that impacted its myCare Integrity system. This system is used by hundreds of eye care facilities and has so far affected over 2 million people. The data breach occurred within the Eye Care Leaders network, but the impact continues to spread due to its wide use throughout the healthcare industry.
Shields Healthcare Group Data Breach
Shields Healthcare Group provides imaging and management services for healthcare facilities and fell victim to a data breach in March 2022. Suspicious activity was recognized within their network, and, working with specialists, they immediately launched an investigation. Personal information, including social security numbers and medical records, may have been exposed, so Shields worked quickly to rebuild its security system to protect and safeguard all sensitive data.
Partnership HealthPlan of California Data Breach
Partnership HealthPlan (PHC) was attacked by the Hive ransomware group, which resulted in disruptions to their system and the theft of the health records of about 850,000 individuals. PHC worked with forensic specialists to recover their network and analyze which records were affected and what data was lost.
MCG Health Data Breaches
MCG Health is a software company that gives patient care guidelines to healthcare providers and health plans utilizing technology, including AI. The company incurred a data breach that impacted 793,283 individuals and has further spread to at least eight other organizations. As soon as the breach was discovered, MCG deployed enhanced security protocols and monitoring tools to better secure their network.
How to Protect Yourself From a Data Breach
Healthcare data breaches can affect your company’s network and quickly spread and potentially damage thousands of people’s lives. Working with a managed service provider (MSP), can help you react quickly to cyber threats. What you do within the first minutes of an attack can mitigate your risk and exposure.
TPx can help make sure you have the right cybersecurity protections in place including firewalls, endpoint security, next-generation antivirus, and backups to ensure the safety of your data. If you don’t know how your healthcare organization stacks up, we can work alongside you and your team to complete a vulnerability and penetration scan to find out where your weaknesses are to prevent potential cyberattacks. Contact TPx today for more information.