Blog

Though the number of data breaches declined slightly from 2022, more than 116 million records were exposed last year, Fortified Health Security found.

Summary:

  • According to Fortified Health Security, a cybersecurity firm, patient records exposed in data breaches in 2023 were twice as many as in 2022, despite a minor decrease in the number of breaches. The firm analyzed data from the HHS’ Office for Civil Rights and discovered that over 116 million records were affected by 655 breaches. This was a “significant peak in patient data exposure” that surpassed a previous record in 2015, when three big breaches caused a surge in leaked health records. The firm also noted that large data breaches were more frequent in 2023, with 16 breaches each compromising more than two million patient records, while there were only three such breaches in 2022.

  • A report by cybersecurity firm Fortified Health Security revealed that data breaches in 2023 exposed double the number of patient records than in 2022, even though the number of breaches slightly dropped. The report used data from the HHS’ Office for Civil Rights and showed that 655 breaches compromised more than 116 million records. This was a “significant peak in patient data exposure” that outdid a previous high in 2015, when three major breaches led to a jump in exposed health records. The report also found that large data breaches increased in 2023, with 16 breaches each affecting more than two million patient records, compared to only three in 2022.
  • Data breaches exposed twice as many patient records in 2023 as in 2022, even as the number of breaches went down a bit, a report by cybersecurity firm Fortified Health Security stated. The report looked at data from the HHS’ Office for Civil Rights and found that 655 breaches impacted more than 116 million records. This was a “significant peak in patient data exposure” that beat a previous high in 2015, when three large breaches resulted in a spike in breached health records. The report also indicated that large data breaches rose in 2023, with 16 breaches each exposing more than two million patient records, while there were only three in 2022.

Insight:

The spike in exposed records and large breaches last year suggests that once threat actors gain access to healthcare organizations’ networks, they’re taking even larger sets of patient data, according to the Fortified report.

Breaches stemming from hacking and IT incidents, which include malware, ransomware and phishing attacks, have soared over the past decade, making up 80% of reported breaches last year. Meanwhile, physical thefts of records have declined as organizations shift to electronic health record systems.

The number of business associates, or outside people or organizations that perform work for entities covered by HIPAA like health plans or providers, are increasingly involved in data breaches, too. Business associate breaches increased by 22% year over year in 2023, according to the report.

Cybersecurity has become a significant challenge for healthcare organizations as the industry digitizes and hackers look to exploit the wealth of valuable personal information.

  • Over the past decade, more than 5,100 healthcare breaches have compromised data from about 489 million patient records across the country, according to the report.
  • Those breaches can have major consequences for both providers and patients. The average cost of a healthcare breach reached nearly $11 million in 2023, increasing more than 50% since 2020, according to a recent report from the Ponemon Institute and IBM Security.
  • Ransomware attacks, where hackers demand payment to return access to critical systems and data, can disrupt hospital operations for weeks, potentially endangering patients.
  • Ardent Health Services was forced to divert emergency care to nearby facilities in multiple states and put elective procedures on hold after an attack on Thanksgiving. The hospital operator announced this month it was able to fully restore access to its MyChart patient portal.
  • As breaches become more commonplace, regulators have shown increased interest in pushing healthcare organizations to boost their cybersecurity measures.

The HHS released a working paper late last year that included proposing hospital cybersecurity standards through Medicare and Medicaid. The Biden administration could soon unveil new requirements for hospitals, according to reporting by the Messenger.

Cybersecurity is a vital aspect of any business

At NUMENTIS, we offer a range of cybersecurity solutions that can help you safeguard your data, systems, and reputation. Whether you need managed IT services, cloud services, VoIP, or cybersecurity solutions, we have the expertise and the tools to meet your needs. We can help you design, implement, and support your IT infrastructure, ensuring that it is highly available, securely protected, and optimized for maximum performance.

Don’t let cyber threats put your business at risk. Contact us today and get a free consultation on how we can help you secure your business. We are a Canadian-owned Managed Services provider that has been serving clients in Mississauga, Toronto, Oakville, and beyond for over 20 years. We are committed to providing you with the best service and the best results. Don’t wait, get in touch with us today and let us help you defend your business from cyber attacks.