Healthcare is among highest-profile hack targets

Ransomware incidents expected to rise 250 percent based on current trends.

Healthcare, financial services and higher education sectors are particularly vulnerable to data breaches, according to a new report from Beazley, a provider of data breach response insurance.

The report particularly highlights an dramatic uptick in ransomware attacks on healthcare organizations. Beazley is predicting a 250 percent increase in ransom attacks in 2016, based on a survey of incidents involving all of its customers, across all industries.

According to the company’s Beazley Breach Insights 2016, the specialized Beazley Breach Response (BBR) Services unit responded to 60 percent more data breaches in 2015, compared with 2014, with a concentration of incidents in healthcare, financial services and higher education.

Breaches caused by either hacking or malware nearly doubled in relative frequency over the past year. In 2015, 32 percent of all incidents were caused by hacking or malware, compared with 18 percent in 2014. Unintended disclosure of records, such as a misdirected email, accounted for 24 percent of all breaches in 2015, down from 32 percent in 2014.

The loss of non-electronic physical records accounted for 16 percent of all breaches in 2015, unchanged from 2014. And the proportion of breaches involving third-party vendors more than tripled over the same period, rising from 6 percent of breaches in 2014 to 18 percent of breaches in 2015.

Beazley’s data breach statistics are based on 777 incidents in 2014 and 1,249 in 2015.

“We saw a significant rise in incidents caused by hacking or malware in the past year,” said Katherine Keefe, global head of BBR Services. “This was especially noticeable in healthcare, where the percentage of data breaches caused by hacking or malware more than doubled.”

Beazley singled out the the increasing use of ransomware by hackers to lock up an organization's data, holding it until a ransom is paid in nearly untraceable Bitcoin. Hollywood Presbyterian Hospital in Los Angeles reported suffering a ransomware attack in February 2016 and ultimately paid the hackers $17,000 in Bitcoin. A year earlier, the FBI had issued an alert warning that ransomware attacks were on the rise.

Breaches involving ransomware among Beazley clients more than doubled to 43 in 2015, and the trend appears to be accelerating in 2016. Based on figures for the first two months of the year, ransomware attacks are projected to increase by 250% in 2016, the consultancy said.

"Clearly, new malware programs, including ransomware, are having a big impact," said Paul Nikhinson, privacy breach response services manager for BBR Services. "Hacking or malware was the leading cause of data breaches in the healthcare industry in 2015, representing 27 percent of all breaches, more than physical loss at 20 percent.

"Healthcare is a big target for hackers because of the richness of medical records for identity theft and other crimes. In fact, a medical record is worth over 16 times more than a credit card record," Nikhinson added.

More for you

Loading data for hdm_tax_topic #reducing-cost...