Hackers can use personal healthcare information to target victims with fraudulent schemes related to their medical history.

A new report from GlobalData estimates that up to 22 million US health records have been breached so far in 2022.

The same report forecasts that spending on cybersecurity in the global healthcare industry will increase by nearly $400 million in the next 3 years.

This increase is sorely needed in a sprawling industry which is so often behind the times in terms of information security. The health care industry is often a prime target of ransomware attacks as they store valuable and confidential information on their customers.

Included in this collection is not only names, date of births and medical record numbers but also private health information (PHI) which can include one’s medical history, address, email addresses, and social security numbers.

Using this information, threat actors can design a number of phishing schemes to target patients for further exploitation. Unlike credit card information or personal identification information, medical history cannot be changed, making it much more valuable on the black market.

Over 41 million individuals in the US alone were affected by healthcare data breaches in 2021, according to reports of breaches affecting 500 individuals or more by the US Department of Health and Human Services (HHS) Office of Civil Rights

The largest presently known breach for 2022 so far was the breach at Shields Health Care Group, which affected as many as two million individuals.

Doctor holding phone

Security Management for Healthcare: Proactive Event Prevention and Effective Resolution

DISC InfoSec

#InfoSecTools and #InfoSectraining



Ask DISC an InfoSec & compliance related question