As cyberattacks against hospitals in the United States (U.S.) show no signs of ending, 41 million health records have already been exposed in 2023.
There have been 349 reported health data breaches between January 1 and June 30, 2023, resulting in 41 million healthcare records exposed, according to the latest data from Cynerio, an IT services company.
The report predicts that one in four Americans will have their healthcare data leaked this year. Medical records include highly sensitive information, such as Social Security numbers and health insurance information, which can be easily monetized.
Criminals can use such data to commit identity theft to obtain loans and credit cards in victims' names, whereas healthcare information can be used to impersonate patients to obtain expensive medical services, devices, and prescription medications.
An estimated 840 ransomware attacks against U.S. hospitals occurred during the same period, with Georgia, Kentucky, California, Massachusetts, and Florida being the most affected. Nearly half (43%) of the hospitals choose to pay ransoms, which usually range between $250,000 to $500,000.
One hospital was entirely shut down due to the financial impact of a ransomware attack. The Cynerio report indicates that 45% of cyber attacks result in adverse effects on patient care, such as:
- Longer length of hospital stay.
- Increased mortality rates.
- Patient transfers or diversions.
- Delays in procedures or tests with poor outcomes.
- Complications from medical procedures.
According to the U.S. Department of Health and Human Services (HHS) Office of Civil Rights reports, the number of cybersecurity breaches in healthcare slightly declined this year compared to 2022. However, early data shows that the number of affected individuals rose by 50%, suggesting that criminals target larger networks.
While it is the job of healthcare institutions to ensure the safety of their patient's data, individuals can also take simple steps to protect their medical records:
- In case of a data breach, change passwords on your accounts.
- Don't use the same password on different sites.
- Avoid easily guessable passwords, such as your mother's maiden name.
- Use multifactor authentication, which allows access to your accounts in a non-password-related way.
Continuous cyber attacks against hospitals result not only in substantial financial losses but also adverse impacts on patient care, including increased mortality rates.
2 resources
- Cynerio. The Insecurity of U.S. Healthcare 2023.
- The HIPAA Journal. Editorial: Why Do Criminals Target Medical Records.
Your email will not be published. All fields are required.