A new study by the Ponemon Institute and ID Experts reveals a trend that has the Healthcare industry on edge. For the first year in it’s five years of reporting, malicious criminal attacks now lead the pack for healthcare data breach causes – previously, unintentional events/accidents were the leading cause of healthcare breaches. This comes on the heels of the Anthem and Premera mega breaches… both criminal attacks.
The FBI Cyber Division Section Chief John Riggi recently spoke at HCCA about the changing “threat landscape”
“Interestingly, they having grown in sophistication and often use your social media profile to craft highly effective spear phishing attacks as a means for gaining access. Once access has been achieved, they will just “phone home” while escalating privileges and building a network map. “The criminal motivation is primarily to steal and monetize your data”. The healthcare sector is uniquely valuable in that it is the only one where there is access to PII, credit information and PHI, all in one place.
Once data is exfiltrated, the cyber criminals will use the “dark web” in order to monetize the data. While credit cards will sell for between $0.50 and $1.00 each, health information data, including name, DOB, policy numbers, etc., will sell for $60.00 to $70.00 for each data record. This creates and extraordinary financial opportunity for organized crime and adverse nation states.”
You can read the full report here: Healthcare data breaches shift from accidental to intentional
You can read the press release here: Study Reveals Five-Year Data Breach and Security Trends of Growing $6 Billion Epidemic That Puts Millions of Patients and Their Information at Risk