More Healthcare Breaches – Who’s Next?

breachWith three more healthcare security breaches recently reported, the issue of security is again in the forefront of healthcare news.  In a new report from CyberEdge Group, 52% of security professionals say their organization will likely be successfully attacked in the next year.  The number of actual reported hacks continues to increase with some 16% reporting multiple attacks. Advantage Dental also notified 150,000 patients of a data breach that exposed patient personal information, excluding payment or clinical data.

The three providers recently hit are CHS, Anthem, and Premera leaving the personal data of 11 million individuals exposed, but there have not been any reports of misuse of the stolen data though the fear is that, down the road, the information will be used in cases of identity theft.  Again, it seems that a China-based cyberespionage group may be the culprit of some of the recent attacks. The new attacks come on the heels of the recent Anthem breach that exposed the records of some 80 million people.  In the most recent attacks, Premera had 11 million customers potentially exposed; LifeWise 250,000 with fhe Premera and LifeWise hacks already being pegged by some security experts as potentially part of a larger campaign against insurers that could go back as far as 2013.  With the information much more valuable on the black market than mere credit card numbers, more and more attacks are anticipated as more medical information is available online.

David B. Amsler, president and CIO of Foreground Security stated, “This is a clear sign of a larger, major campaign by select, sophisticated groups to gather significant information for use in a second phase of attacks, most likely on critical infrastructure—government and defense systems, financial services, and power companies and utilities.”  Trent Trelford, CEO of Covata, stated, “This breach again highlights how vulnerable the health care and insurance industries are to attacks. People are entrusting these organizations with their personal information and it is the responsibility of corporations to take appropriate steps to ensure it is protected – this must include data encryption.”

In the case of the Premera breach, three weeks before the event, a report received from an audit that was performed warned of looming network security issues and outlined vulnerabilities including insecure server connections and lack of timely patch implementations.

Even at the provider level, security must be taken seriously and the first step is making sure you have the appropriate firewalls set up.  Microwize Technology can help you assess your systems and provide you with security solutions.  Call today to learn more about what you can be doing to keep you data safe.