We are pleased to announce the release of our 2024 Healthcare Cyber Trend Research Report. Please download your copy here. This analysis offers insights into the latest cyber threats targeting the healthcare industry within the United States during calendar year 2023. Recognizing the critical need for timely intelligence to protect patient data and healthcare operations, we share our research and perspectives on emerging cyber attack trends and their ongoing impact on this vital sector.
| “In 2023, per our analysis of HHS/OCR data, there were an estimated 118.9 million healthcare patient records compromised by cyberattacks within the United States. This alarming number corresponds to about 35.38 percent of the projected U.S. population of 335,893,238 estimated by the U.S. Census Bureau in January 2024.
This statistic is truly staggering. It suggests that, even with some individuals having their personal healthcare records stolen from multiple databases, that perhaps more than a third of the U.S. population had their healthcare records breached in 2023 alone. We expect that our healthcare institutions will continue to be subjected to unyielding attacks from organized crime groups and nation-states. These opponents are intent on extorting money through ransomware and exploiting a growing variety of malware, phishing, and social engineering strategies. We don’t anticipate this trend to reverse anytime soon.” Anthony James |
The responsible healthcare organizations within the United States (covered entities) report data breaches under the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Breach Notification Rule (CFR 164.400-414), which requires HIPAA-covered healthcare entities and business associates to provide notification following a breach of unsecured protected health information (PHI).
Our research documents statistics about these data breaches specifically categorized as Hacking/IT (cyberattacks) and we refer to them as major data breaches. These major breaches are found and extracted from within the U.S. Department of Health & Human Services Office of Civil Rights (HHS/OCR) database. HHS/OCR does not release the data on data breaches caused by Hacking/IT where fewer than 500 patient records are compromised.
Healthcare on the Frontlines: Evolving Defense-in-Depth to Combat Cyber Threats
The healthcare industry has embarked on a significant digital transformation journey in recent years, driven by the promise of cost reduction, improved patient outcomes, and enhanced care delivery. While these efforts unlock considerable financial and technological advantages, they also inadvertently expand the attack surface for malicious actors.
Cybercriminals see the healthcare sector as a lucrative target, drawn by its vast size, reliance on technology, treasure trove of sensitive data, and critical vulnerability to disruptions. Protecting these organizations demands a robust defense-in-depth approach, layering multiple security controls – physical, technical, and administrative – to create overlapping shields against digital assaults.
Finally, in this report we share and highlight the importance of DNS detection and response (DNSDR) to a robust defense-in-depth strategy.
Please download your copy of The 2024 Healthcare Cyber Trend Research Report
For more information about our products please go to our sales team via https://www.infoblox.com/company/contact/.
