What Cybercriminals Steal When They Hack Hospitals, New Study
A new academic study analyzing 1461 breaches from 1388 healthcare facilities that impacted 169 million patients over the last decade, indicates that hackers are mostly interested in financial or demographic information, rather than patient records. Financial and demographic data was targeted in 70% of the breaches accounting for 95% of all affected patients. Medical data was exclusively targeted in just 16% of the breaches impacting 6 million patients, while hackers obtained sensitive medical data in a mere 2% of breaches impacting 2.4 million patients.
Lead author Xuefeng Jiang says that “more than half of data breaches could be attributed to healthcare providers’ internal mistakes or negligence,” which included not encrypting laptop computers; using ‘cc instead of ‘bcc when emailing patients; and not revoking the login credentials of former employees.