Healthcare organizations were under attack more than ever by cybercriminals in 2022, overtaking finance as the most breached industry, according to the latest analysis from Kroll.

Healthcare accounted for 22 percent of the breaches analyzed in the newest update to Kroll’s “Data Breach Outlook,” compared to 16 percent in 2021. Finance fell to No. 2 on the list, accounting for 19 percent of breaches.

Since the Covid-19 pandemic, the healthcare industry has become particularly vulnerable to data breaches and to more frequent cyberattacks. The study noted, however, that being the most breached industry might not mean having the most concerned consumers. While healthcare suffered the largest proportion of incidents, the number of incoming calls related to breaches and the number of consumers taking up identity protection were lower than in the finance industry, according to the analysis.

Kroll found that 49 percent of calls in 2022 from consumers who had been notified of a breach were related to the finance industry, while only 32 percent concerned healthcare.

“It is understandable that financial data would be perceived to be more sensitive than health information,” the study noted. “In reality, however, much of the data gathered from healthcare organizations—for example, Social Security numbers—could be used to set up fraudulent accounts and transactions.”

A separate cybersecurity benchmarking survey conducted by the Ponemon Institute and commissioned by Censinet polled 579 information technology and IT security professionals at healthcare delivery organizations. It found nearly half of respondents (47 percent) said their organizations experienced a ransomware attack in the past two years, an increase from 43 percent in 2021.

Ponemon found that 53 percent of respondents who were attacked said the attack resulted in a disruption in patient care. Complications from medical procedures because of ransomware attacks increased significantly, from 36 percent of respondents in 2021 to 45 percent in 2022.

The largest impact was an increase in patients transferred or diverted to other facilities, from 65 percent in 2021 to 70 percent in 2022. In addition, 21 percent of respondents said ransomware had an adverse impact on patient mortality rates.

Best practices for averting a breach included peer benchmarking, according to the survey, with respondents saying the exercise was valuable when demonstrating cybersecurity program effectiveness (78 percent), demonstrating cybersecurity framework coverage/compliance (61 percent), and improving cybersecurity programs (52 percent).

The findings from Kroll and Ponemon come the same month the Department of Justice (DOJ) and Federal Bureau of Investigation, in coordination with German law enforcement and the Netherlands National High Tech Crime Unit, announced a crackdown on the international ransomware group Hive.

The monthslong disruption campaign against Hive thwarted $130 million in ransomware demands and shut down its website on the dark web, per the DOJ. According to Ponemon’s survey, 67 percent of respondents said their organizations paid cyberattack ransoms, with payment totals increasing from $282,675 to $352,541 in the past two years.

Hive targeted more than 1,500 victims in more than 80 countries around the world, including hospitals, school districts, financial firms, and critical infrastructure, the DOJ stated. In one case, a hospital attacked by Hive had to use analog methods to treat existing patients and was unable to accept new patients in the immediate aftermath.