The healthcare sector is particularly vulnerable to data breaches, experiencing some of the highest volumes of cyberattacks. The consequences of these breaches can be devastating, both in financial damage and in compromised patient data.
Examining the biggest data breaches in the healthcare industry and their implications can provide valuable insights and lessons for organizations to strengthen their cybersecurity measures.
Tricare
Date: September 2011
Impact: 5 million patients
The Tricare data breach stands as one of the largest breaches in the healthcare industry. Tricare, a healthcare program serving active-duty troops, their dependents, and military retirees, suffered this breach following the theft of backup tapes containing electronic health records. These tapes were stolen from the car of an individual responsible for transporting them between facilities.
This breach highlights the importance of adhering to stringent cybersecurity practices and ensuring the encryption of sensitive data.
Community Health Systems
Date: April-June 2014
Impact: 4.5 million patients
The Community Health Systems data breach was carried out by cybercriminals believed to be located in China. Exploiting a software vulnerability, they deployed sophisticated malware, leading to the theft of sensitive patient data.
To prevent similar breaches, educating employees about the warning signs of malware injection attempts and other common cyber threats in the healthcare industry is necessary.
UCLA Health
Date: July 2015
Impact: 4.5 million patients
UCLA Health suffered a data breach that began in October 2014. Although the activity initially appeared to lack malicious potential, in May 2015 a cyberattack compromised sensitive patient information.
A critical lesson from this breach is the need for timely reporting. UCLA Health was fined $7.5 million for failing to report the breach promptly, violating the breach notification protocol specified under HIPAA. Whenever suspicious network activity is detected, organizations should conduct thorough investigations to prevent reporting delays.
Shields Healthcare Group Data Breach
Date: March 2022
Impact: 2 million people
Shields Healthcare Group experienced a data breach when an unknown cyberattacker accessed their network server. Although data compromise has not been confirmed, various types of sensitive data, including full names, social security numbers, birth dates, home addresses, provider information, diagnosis information, billing information, insurance numbers, medical record numbers, and other medical treatment information, are at risk.
This breach highlights the importance of a zero-trust approach to cyber threat investigation and the need for data exfiltration detection measures.
Trinity Health Data Breach
Date: May 2020
Impact: 3.3 million patients
Trinity Health fell victim to a ransomware attack attempt carried out against its third-party vendor, Blackbaud. Although Trinity Health successfully blocked the attack, the hackers managed to exfiltrate a subset of patient information. Because the permanent destruction of the stolen data could not be confirmed, Trinity Health treated the incident as a highly probable data breach.
To prevent incidents like these, organizations should implement a third-party vendor attack surface monitoring solution, refrain from complying with cybercriminal demands, and enhance incident response plans.
Broward Health Data Breach
Date: January 2022
Impact: 1.3 million patients
Broward Health suffered a data breach through a compromised third-party medical provider with access to its patient database. It is speculated that the compromised device did not implement multi-factor authentication (MFA).
To prevent similar breaches, organizations should implement MFA across all endpoints, secure all privileged access management, and keep track of all endpoints connecting to the private network.
OneTouchPoint (OTP) Data Breach
Date: July 2022
Impact: 2.6 million people
OneTouchPoint, a third-party mailing and printing vendor, suffered a data breach when its systems were illegally accessed. This breach exposed sensitive information from over 30 healthcare providers, including medical and patient records.
To prevent similar incidents, businesses should conduct annual reviews of their security policies, ensure all safeguards are current, and verify the HIPAA compliance of third-party contractors handling sensitive patient information.