The biggest healthcare data breaches of 2018 (so far)
Healthcare Data Breaches
The biggest healthcare data breaches of 2018 (so far)
Healthcare continued to be a lucrative target for hackers in 2017 with weaponized ransomware, misconfigured cloud storage buckets and phishing emails dominating the year. In 2018, these threats will continue and cybercriminals will likely get more creative despite better awareness among healthcare organizations at the executive level for the funding needed to protect themselves.
This collection highlights some of the biggest breaches across the industry – and points to some mistakes to avoid in the future.
Boston Medical Center, Brigham and Women’s Hospital and Massachusetts General Hospital let ABC film a documentary on site without obtaining patient authorization.
The Fetal Diagnostic Institute of the Pacific was able to restore data from backups, and with help from a cybersecurity firm wipe the virus from the infected server.
Orlando Orthopaedic’s transcriptionist vendor misconfigured access to a database during a software upgrade. The health center waited nearly six months to report.
An investigation into a ransomware attack found hackers peppered Missouri-based Blue Springs Family Care with a variety of malware programs, which gave them full access to its systems.
In what officials say was a "deliberate," highly targeted attack, cybercriminals repeatedly targeted Singapore Prime Minister Lee Hsien Loong’s personal records.
Employees fell victim to a targeted phishing campaign, which may have exposed sensitive data for some patients, including Social Security numbers and health insurance information.
Two employee email accounts were breached by phishing attacks, which potentially gave hackers access to a trove of highly sensitive data that varied by patient.
Emergency and stroke patients are still being diverted to ensure patients receive the best possible care, but the Missouri health system remains fully operational thanks to its prepared incident response plan.
While only about 6,500 patients were impacted by a cyberattack on Associates in Psychiatry and Psychology in March, the provider's transparency in its breach notification is a valuable example for other organizations.
A hacker told Holland Eye Surgery and Laser Center in March that they had accessed a patient list, but an investigation revealed that another access occurred back in 2016.
A hacker hit some email accounts of Aultman Health Foundation with a phishing attack in February, but officials didn’t discover the breach until March 28.
Discovered on March 18, the health system was infected with malware that infected its EMR server, patient registration and billing systems for more than a year.
Inspector general says Defense Health Agency sites failed to consistently implement technical, physical and administrative protocols and may have violated HIPAA regulations in the process.