Cyberattacks on health-care providers are up in recent months

 (Bloomberg) – Health-care providers and government agencies across the U.S. have seen an increase in cybersecurity breaches in recent months, exposing sensitive data from hundreds of thousands of people as the sector scrambles to find adequate defense mechanisms.

“These threats are real,” Oscar Alleyne, senior adviser at the National Association of County and City Health Officials, said Tuesday during a panel in Washington. The breaches include malware attacks, computer thefts, unauthorized network access and other security breaches, according to a government database that tracks attacks in the health-care sector.


A recent trail of large-scale cyberattacks on the health-care industry exposed the vulnerability of the sector. Last year’s global WannaCry ransomware attack crippled parts of the U.K.’s National Health Service for days. In a 2015 hack, U.S. health insurance giant Anthem Inc. had about 79 million customers’ personal information exposed.

Along with detailed personal information like Social Security numbers, health-care hacks can include sensitive information about a patient’s medical history and treatment. In other cases, breaches can cripple a hospital or health system, preventing sick people from getting the care they need.

Business risk

They can be a business risk, too.

“Of course, there’s privacy,” Axel Wirth, a technical architect at security firm Symantec Corp., said during the panel, “but there’s also intellectual property and business data. Your latest vaccine research could be compromised.”

In April, there were 42 reports of data breaches in the health-care sector, according to the Department of Health and Human Services database, which tracks cases where data from 500 or more people were affected.

That month, the California Department of Developmental Services reported that 12 of its computers, containing medical records of 582,174 people, had been stolen. A few days later, Inogen Inc., a medical-equipment company, said personal information of almost 30,000 customers was exposed after a hacker had gained access to an employee’s email account.

Costly attacks

The attacks can get expensive: According to estimates Alleyne cited during the panel, a data breach can cost health-care providers more than $400 per patient.

“When I was a local epidemiologist, my county was 312,000-something people,” Alleyne said. “You multiply that out by records and see the significant cost.”

Anthem, the insurer, eventually agreed to pay $115 million to resolve consumer claims over its 2015 breach.

Health departments in counties and cities tend not to have sufficient defense mechanisms in place. Alleyne said only 33% of the local health departments in the association had plans on how to defend against a cyberattack. Only 23 conducted training on the issue, and only 8% participated in drills or exercises.

Posted 9:00 AM

Share |

No Comments

Post a Comment
Required (Not Displayed)

All comments are moderated and stripped of HTML.
Submission Validation
Change the CAPTCHA codeSpeak the CAPTCHA code
Enter the Validation Code from above.
NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013

View Mobile Version