2016 Healthcare Data Breaches

While the business sector led the way in reported data breaches for 2016, healthcare came in second by accounting for 34.5 percent of overall reported breaches, according to research from the Identity Theft Resource Center (ITRC) and CyberScout.

As healthcare IT continues to evolve, the executive suite is also expanding and becoming more intricate. Individuals in leadership positions need to keep data privacy and security issues top priorities, especially as healthcare remains a target for cyber criminals.

The business industry had a total of 494 reported data breaches, while there were 377 reported healthcare data breaches. Education came in third with 98 incidents, while the government/military had 72 reported breaches.

One of the leading causes for healthcare data breaches was employee error or negligence, with 43 reported incidents that exposed 1,183,893 records. In comparison, the second leading sector for employee negligence was the government/military, which had 14 breaches and exposed 35,800 records.

Subcontractors, third parties, and business associates were also a top factor for healthcare data breaches, the report found. The medical/healthcare industry had 16 breaches due to a subcontractor or third party, but approximately 4 million records were exposed. The government/military had the second highest amount of records affected with 95,463.

"For businesses of all sizes, data breaches hit close to home, thanks to a significant rise in CEO spear phishing and ransomware attacks,” CyberScout CEO and Vice Chair of IRTC’s Board of Directors Matt Cullina said in a statement. “With the click of a mouse by a naïve employee, companies lose control over their customer, employee and business data. In an age of an unprecedented threat, business leaders need to mitigate risk by developing C-suite strategies and plans for data breach prevention, protection and resolution."

Healthcare data breaches also exposed the most Social Security numbers, with 10.4 million records put at potential risk. There were 123 breaches that may have exposed SSNs, the report found, accounting for 11.3 percent of reported breaches.

SSN exposure was a leading concern for all industries, with 52 percent of the overall number of breaches in 2016 potentially putting SSNs at risk. This was an 8.2 percent increase from the number of exposed SSNs in 2015. Researchers noted that this increase aligns with the increase of CEO spear phishing attacks.

HealthSecurity 1:       HealthSecurity 2:

Healthcare Industry Lacks Basic Security Knowhow:

 

« Cybersecurity In 2017: Recruitment Is The Key
Warning: Fake Ransomware »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

WhiteHat Security

WhiteHat Security

WhiteHat’s products enable customers to “Hack Yourself First” so that they gain a greater understanding of the actual risk to their business.

Texplained

Texplained

Texplained specializes in security audits of microchips to identify vulnerabilities and protect against invasive cyber attacks.

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

ANTIC is responsible for regulating the activities of electronic security and regulation of the Internet in Cameroon.

H3C Group

H3C Group

H3C provides a full range of Computer, Storage, Networking and Security solutions.

AdaptiveMobile Security

AdaptiveMobile Security

AdaptiveMobile Security, a world leader in mobile network security, protecting more than 2.2 billion subscribers worldwide.

Compnet

Compnet

Compnet is a service company that assists customers in integrating complete ICT systems including network infrastructure and security solutions.

Randori

Randori

Randori is an attack platform that provides "red-teaming" as a service — basically, staging simulated hack attacks to test for vulnerabilities and gaps in the security response.

Data Eliminate

Data Eliminate

Data Eliminate provide data destruction, secure end-of-life IT asset disposal, and data protection consultancy services.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Improsec

Improsec

Improsec is a fully independent Cyber Security advisory company - we provide knowledge, experience and both strategic and deep technical expertise to our clients.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Node4

Node4

Node4 provide advanced, cloud-led digital transformation solutions, delivered with technical expertise, innovation and exceptional service to drive your business forwards.

StickmanCyber

StickmanCyber

At StickmanCyber we are on a mission to create a digital world that is safe for everyone - we are your trusted cybersecurity partner.

Brunswick Group

Brunswick Group

Brunswick is a critical issues firm. We advise the world’s leading companies on how to navigate the critical issues they face and engage with their critical stakeholders.