• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

Data breaches on pace for a new record in 2023


Health care continues to be a top target for hackers

The United States is on track for a record number of data breaches in 2023, according to a report from the Identity Theft Resource Center. In the second quarter of this year, there were 951 publicly reported incidents, a 114% increase from the first quarter. So far, there have been 1393 data comprises, and at this pace, 2023 could surpass the all-time annual high of 1,862 compromises set in 2021.

Hacking on the rise in health care: ©Prostock-Studio -

Hacking on the rise in health care: ©Prostock-Studio -

While the number of reported breaches increased, the good news is that the toal number of people affected by them dropped from 424 million in 2022 to 156 million this year, according to the report.

Health care continues to be the most targeted sector, but financial services firms reported nearly double the number of compromises compared to the same period in 2022, and every industry sector reported a higher number of breaches. The report states that phishing and ransomware were the primary attack methods, and the number of malware attacks this year is up 89% compared to the same period last year.

The overall incidents break down as follows:

  • Data breaches – 99% of all incidents
  • Cyberattacks – 75%
  • System and human error – 22%
  • Supply chain attacks 8%

ITRC CEO and president, Eva Velasquez, called the new stats as “historic”, adding, “Since we started tracking data compromises in 2005, only the full years of 2017, 2021 and 2022 have exceeded the number of data events recorded in the first six months of 2023.”

Stephen Gates, principal security SME,, said in a statement that hackers are changing their methodology. “Today, ransomware is the name of the game, but attackers have added a twist. In the past run-of-the-mill breaches, attackers were silently stealing personally identifiable information so they could sell it to third parties, who would then use the personally identifiable information as part of their identify theft and fraud campaigns. Now, it appears the initial attackers want a bigger piece of the pie.”

Gates said that while attackers are still gaining remote access like they always have, they are nowharvesting vast amounts of data and threatening organizations with data disclosure if they don’t pay the ransom. He says this proves attackers have, and are maintaining, remote access while staying under the radar of common detection approaches.

“If organizations refuse to pay to stop the data disclosure, attackers then proceed with the traditional ransomware campaign, locking up systems, encrypting data stores, and basically taking the organization offline,” said Gates. “This acts as a double whammy.If organizations pay the first ransom to stop the data disclosure, will that stop the second threat of a full-scale ransomware takedown? I don’t think anyone knows the answer to that question.”

Related Videos
Kyle Zebley headshot
Kyle Zebley headshot
Kyle Zebley headshot
Michael J. Barry, MD
Hadi Chaudhry, President and CEO, CareCloud
Claire Ernst, JD, gives expert advice