Millions of staff and patients had personal information exposed in healthcare data breaches across the US last year, new research has revealed.
According to security firm Bitglass, a total of 599 healthcare breaches affected more than 26 million people in 2020, with 91.2% of the records exposed as a result of hacking and IT incidents.
The average cost per breach also increased for healthcare organizations, from $429 in 2019 to $499 last year, and data loss incidents accounted for losses of $13.2 billion in total.
As a result of the pandemic, healthcare institutions attracted the attention of a variety of cybercriminals last year, who sought to take advantage of overworked personnel and disrupt patient care.
In 2020, 37 of the 50 US states suffered more breaches than the previous year, with California recording the most healthcare breach incidents at 49. This was even higher than the 2019 record: 43 incidents in Texas. Recovery from a breach took 236 days for the average healthcare firm last year.
“The vast majority of healthcare organizations process and store protected health information (PHI) such as Social Security numbers, medical history, and other personal data. It is no surprise that these entities would be targeted by malicious cybercriminals seeking to access sensitive data for monetary gain,” said Anurag Kahol, Bitglass CTO.
“The exceedingly high number of hacking and IT incidents highlight the shifting strategies of malicious actors. As healthcare organizations continue to embrace cloud migration and digital transformation, they must leverage the proper tools and strategies to successfully protect patient records and respond to the growing volume of threats to their IT ecosystems.”