Hacking, ransomware driving more healthcare data breaches: study

Hacking and IT incidents accounted for 88% of patient records exposed from 2010 to 2024, while ransomware made up nearly 40%, according to the research published in JAMA Network Open.

Article By: Emily Olsen

Blog Source From : https://www.healthcaredive.com/

Dive Brief:

• Healthcare data breaches have soared over the past 14 years, driven by hacking and other IT incidents, especially ransomware attacks, according to a study published last week in JAMA Network Open. 
• Of the 732 million patient records compromised from 2010 to 2024, hacking and IT incidents accounted for 88% of records exposed, while ransomware, a subset of hacking and IT incidents, made up nearly 40%.
• Ransomware attacks, where cybercriminals deny users access to their data until a ransom is paid, surged from zero cases in 2010 to more than 30% of breaches in 2021. Last year, however, ransomware accounted for 11% of healthcare data breaches, according to the research.

Dive Insight: 

The study, which analyzed breaches impacting 500 people or more reported to the HHS’ Office for Civil Rights, found the number of healthcare incidents linked to hacking has surged in recent years.

OCR breaks breaches into five categories: hacking or IT incidents, theft, unauthorized access or disclosure, improper disposal or loss, and breaches of unidentified or unknown cause. 

The analysis found the number of healthcare data beaches rose from 216 in 2010 to 566 in 2024. Hacking and IT incidents made up 4% of those breaches in 2010 and rose to 81% by last year. Meanwhile, data breaches linked to theft, authorized access and improper disposal or loss fell, the study found. 

Additionally, the number of patient records compromised in data breaches has risen, increasing from 6 million in 2010 to 170 million last year. Hacking or IT incidents accounted for only 2% of records exposed 15 years ago, and last year rose to 91%, according to the study.

Researchers also tried to determine which breaches were linked to ransomware attacks by analyzing event descriptions for indicators like ransom demands, cryptocurrency payments or ties to known ransomware groups.

Since 2020, ransomware has impacted more than half of all patient records breached annually, and rose to 69% last year. 

Hacking and ransomware have become serious concerns for the healthcare sector. 

In the most significant incident last year, UnitedHealth-owned claims processor Change Healthcare was hit by a ransomware attack, leading to weeks of disruptions across the sector and the largest ever healthcare data breach reported to federal regulators. 

Hospitals, health plans and other healthcare organizations are often vulnerable to ransomware, given their limited cybersecurity resources and the major consequences of delays to patient care, the researchers wrote. 

Mitigation strategies should include mandatory ransomware fields in OCR reporting to improve surveillance clarity, revising severity classifications to account for operational impact, and monitoring cryptocurrency to disrupt ransom payments,” they wrote.