New Data Breach Report: Cybersecurity Stats in Healthcare



Last week Verizon released their 2022 Data Breach Investigations Report (DBIR). According to the report, the number of cyberattacks in 2021 grew in every industry, including healthcare. Researchers found that ransomware increased 13% year-over-year, which is more than the growth of the previous five years combined.

Data for the report was gathered from 20,000+ security incidents, with 849 of them in healthcare. Let’s look at some more of the key findings:

  • External threats accounted for 61% of healthcare threat actors, staying consistent with last year’s report.
  • The top three attack patterns from last year remained the same this year, but the order changed. While “Miscellaneous Errors” were still a significant problem, the number of these types of incidents was surpassed by the number of “Basic Web Application Attacks,” with “System Intrusion” making up the third largest category. These three types made up 76% of all healthcare breaches.
  • Employees are still causing breaches, but they are now 2.5 times more likely to make an honest error (in most cases loss or misdelivery) than they are to misuse access to PHI with malicious intent.
  • The rise in basic web application attacks indicates that cybercriminals are growing more powerful and getting what they want more often.
  • 95% of threat actors were financially motivated.

Another interesting thing to note is that across all industries (not just healthcare), about a quarter of the breaches were caused by some form of social engineering attack. Adding this number to the number of human error and privilege misuse breaches, researchers saw that the “human element accounted for 82 percent of analyzed breaches in 2021.”


What does all this mean for you?

Since the rise of basic web application attacks in 2019, healthcare “has increasingly become a target of run-of-the-mill hacking attacks and the more impactful ransomware campaigns.” With that said, taking measures to secure electronic patient data from these attacks is essential.

Conducting a Network Vulnerability Assessment is a critical first step towards understanding your cybersecurity vulnerabilities. When the scan is complete, you’ll need to proactively establish strong cybersecurity practices to keep data safe and out of the hands of hackers. The large number of breaches in 2021 involving employee mistakes demonstrates the need for all healthcare employees to be trained regularly on the cybersecurity requirements of their job.

The Medcurity Network Vulnerability Assessment includes a comprehensive scan, with a prioritized vulnerabilities report and suggested mitigation steps to help you get started. Our goal is to help you keep your patients safe, so that you can continue providing the best care. If you have questions about security training or Network Vulnerability Assessments, feel free to contact your team at Medcurity.