A recent study revealed that healthcare data breaches accounted for 39 percent of data breaches in 2015.Healthcare data breaches were the most common type of data security incident reported in 2015, according to a recent study by Symantec Corporation.
“This comes as no surprise, given the strict rules within the healthcare industry regarding reporting of data breaches,” explained the authors of the study. “However, the number of identities exposed is relatively small in this industry. Such a high number of breaches with low numbers of identities tends to show that the data itself is quite valuable to warrant so many small breaches.”
There were 120 healthcare data breaches reported in 2015, which was the largest number of data breaches across all industries studied. The next leading industries for data breaches (business and education) only reported 20 incidents each.
Despite the prevalence of healthcare data security events, the study reported only 1 percent of incidents led to exposure of identities. That still accounted for nearly four million individuals who had their identities exposed as a result of a healthcare data breach.
The study attributes the growing volume of data breaches across all industries to a shift in how cybercriminals operate.
Researchers found that more cybercriminals used more zero-day attacks, including phishing scams and ransomware, in 2015.
The number of zero-day vulnerabilities in 2015 increased by 125 percent from a year ago. Meanwhile, 430 million new malware variants were found in 2015.
Even though cyberattacks are becoming more sophisticated and business-like, the healthcare sub-sector is not being targeted as frequently as other industries.
The study reveals that, in the healthcare field, about 54.1 percent of emails are spam. Cybercriminals typically use spam to execute more advanced cyberattacks.
However, the phishing ratio in the healthcare field was only 1 out of 2,711 emails, which was the second lowest ratio across all industries.
The healthcare industry was also one of the least likely sectors to be targeted for spear-phishing attacks, the study confirmed.
Additionally, the healthcare sector was the least likely to encounter an email containing a virus. The virus ratio was 1 out of every 396 emails.
Here is the link:
There is really little to add. Clearly everyone handling health information needs to be careful given they have a great big target on their back!