Healthcare data attacks fell, but cybercriminals have new target with unstructured data
Healthcare organizations saw fewer records accessed by cyberattacks in 2016, according to the just-released 2017 IBM X-Force Threat Intelligence Index.
Though the industry continued to be plagued by a high number of incidents, the attacks were focused on smaller targets resulting in a lower number of leaked records. In total, 12 million records were compromised in healthcare – keeping it out of the top five most-breached industries. By contrast, nearly 100 million healthcare records were compromised in 2015, which translates to an 88 percent drop in 2016.
However, 2015 was the year healthcare saw one of its largest-ever breaches with the hacking of health insurance company Anthem. That breach resulted in more than 80 million records being accessed.
But while healthcare saw declines, the total number of records compromised in 2016 across all sectors was at an all-time high at 4 billion records. By contrast, 2015 saw 600 million records accessed.
Information and communication services companies and government experienced the highest number of incidents and records breached in 2016.
The report also noted a shift in cybercriminal strategies. In 2016, a number of significant breaches related to unstructured data such as email archives, business documents, intellectual property and source code.
“While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand,” said Caleb Barlow, vice president of threat intelligence at IBM Security. “Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in new ways.”