Hackers target healthcare info that can be monetized

PARCA eNews – Sept. 24, 2019 – A total of 169 million Americans had personal information compromised in 1,461 data breaches at healthcare organizations over the last 10 years, a news study shows.

The study in the Sept. 24, 2009 Annals of Internal Medicine analyzed healthcare data breaches that occurred between October 2009 and July 2019 that impacted more than 500 individuals and were reportable incidents under the HIPAA and HITECH Act.

The key findings of the study included:

• 71% of breaches involved either sensitive demographic information or sensitive financial information, which placed 159 million individuals at risk of identity theft or financial fraud
• 66% of breaches involved sensitive demographic information such as Social Security numbers
• 65% of the breaches exposed general medical or clinical information
• 35% of breaches compromised service or financial information
• 16% of breaches only exposed medical or clinical information without exposing sensitive demographic or financial information
• 76% of breaches included sensitive service and financial information such as credit card numbers – Those breaches affected 49 million individuals
• 2% of breaches compromised sensitive health information – Those breaches affected 2.4 million individuals

The researchers concluded that hackers are not targeting healthcare records for medical information but for information that can be monetized. The authors suggest that hospitals should use store demographic separate from financial and medical information to minimize the impact of breaches on patients.