
Health care leads cybersecurity breaches for 2022


Analyst examines factors that leave industry sectors at risk.

The health care industry was the most common victim of cybersecurity breaches last year, according to a report by analyst Black Kite.

A total of 34.9% of cyberattacks occurred in health care in 2022, up 1% from the year before and indicative of hackers’ interest in personal health information (PHI). Heavy regulations on PHI “have only attracted more attention to this sector,” the report said.

“Lack of budget, remotely share personal data between patients and hospital systems, and outdated software all point to avenues for hackers to infiltrate and gain access to health-related sensitive data,” the report said. “That’s why, again this year, the most affected sector has been health care.”

Health care breaches may be some of the most publicized among various industries because the federal Health Insurance Portability and Accountability Act requires disclosure to the U.S. Department of Health and Human Services’ Office of Civil Rights, and to patients. The federal rule also requires health care entities to complete risk assessments on security systems set in place.

Overall, ransomware attacks accounted for 27% of third-party breaches in 2022. That figure was down from 2021, a decline that appeared to be an unintended effect of the Russian war in Ukraine, because sanctions have hindered the abilities of Russia-based cybercriminals, according to Black Kite.

After health care, finance ranked second for total attacks last year, tallying 14.3%, and government was third, accounting for 9.5% of attacks. Both could see more attacks because banks rely on third-party vendors to provide services, while governments often rely on outdated systems with unpatched access points.

Overall, Black Kite reported 63 security breaches among 298 publicly disclosed victims. There were 4.73 affected companies per vendor, compared to 2.46 companies per vendor in 2021. That figure measures the number of businesses affected by a single breach of a vendor, not counting the vendor itself.

“Today’s cyber landscape is riskier, costlier, and more complicated than ever before. Bad actors are capitalizing on global disruption with destructive third-party breaches, allowing them to compromise multiple victims in one fell swoop,” Black Kite Chief Security Officer Bob Maley said in a news release. “Cybersecurity leaders must become as agile as the adversary, and that begins with keeping a continuous pulse on your digital ecosystem’s cyber posture.”

Health care organization Highmark Health landed No. 3 on the list of top five cybersecurity breaches of 2022. Black Kite said a security breach exposed information, including names, dates of birth, and prescription information, of 67,147 people.

Automaker Toyota topped the list of top five cybersecurity breaches of 2022. The company “suffered a massive data breach” when an application caused the release of data on a software development platform starting in December 2017. After discovering that issue, Toyota changed access codes in September 2022, but 300,000 customer emails were exposed. That followed a February 2022 cyberattack on an interior and exterior parts supplier that disrupted 28 production lines across 14 factories, according to Black Kite.
