
Major Healthcare Breaches in 2024 So Far…


Here is an interesting stat: 2023 saw 114 data breaches of 100,000 or more records, including 26 breaches of more than 1 million records, 5 breaches of more than 5 million records, and one breach of 11.27 million records. The average data breach size in 2023 was 183,543 records and the median data breach size was 5,175 records.

Healthcare Seems to be a Target

The healthcare sector is the most vulnerable to cyberattacks, ahead of the public sector (16%), technology (11%), education (9%), and professional services (6%). Ransomware attacks are a top threat facing the healthcare industry. In a ransomware attack, hackers lock healthcare institutions out of critical files and information and hold them hostage while demanding a payment in exchange for a decryption key to unlock the files.

So far, it looks like 2024 should be a banner year for data breaches. The following breaches in 2024 reportedly compromised personal data including Social Security numbers:

  • Fallon Ambulance Service (FAS): In January 2024, an unauthorized actor breached the data storage of 900,757 individuals, including 9 million people
  • Change Healthcare: In 2024, an external actor gained access to one of their internal portals, causing administrative and revenue-related issues for healthcare systems and providers
  • Integris Health: In January 2024, 2,385,646 individuals were affected
  • North Kansas City Hospital: In January 2024, 502,438 individuals were affected
  • Azura Vascular Care: In January 2024, 348,000 individuals were affected
  • Des Moines Orthopedic Surgeons, P.C.: In January 2024, 307,864 individuals were affected

Things to do to minimize being the victim of a Data Breach

Here are some things businesses can do to minimize the risk of a data breach:

Secure Passwords

Use strong passwords. Create unique passphrases that are not a dictionary word and are over 12 characters in length. Review users' passwords often to ensure compliance. Assign or approve passwords. New guidance says you only need to change these types of passwords if you forget them or you have been compromised. Use multi-factor authentication because there is no excuse why you wouldn’t be

Update Systems and Monitor

Use updated software to keep systems secure. It seems like a no-brainer, but a lot of people forget, and that is called “just asking for it.” Use your built-in security dashboards and logs. Take a minute or twenty every day, or maybe every other day, to review the logs or dashboards for your firewalls, encryption, secure file-sharing software, and antivirus software to protect sensitive data.

Control Access

Lock up and secure the physical space, prevent unauthorized access to business computers, and secure physical areas potentially related to the breach. Review physical access restrictions: who has access, and why? Also, block and monitor suspicious or unusual outbound traffic, including traffic to high port numbers, and block outbound UDP if you don’t need it.
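To make the outbound-traffic advice concrete, here is an added example (not part of the original post) that reviews firewall log lines and flags internal hosts sending outbound UDP that is not needed or connecting out to high TCP ports. The log format, the 10.0.0.0/8 internal range, the DNS/NTP allowlist and the 1024 port threshold are all assumptions; adjust them to your own firewall.

```python
import ipaddress
from collections import defaultdict

# Assumptions for this example (not from the article): the log format,
# the internal range, the UDP allowlist and the "high port" threshold.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
ALLOWED_UDP = {53, 123}   # DNS and NTP are the only UDP this site needs
HIGH_PORT = 1024          # destination ports at or above this count as high

# Constructed sample firewall log lines (documentation address ranges).
SAMPLE_LOG = """\
2024-02-01T09:00:01 proto=tcp src=10.0.0.5 dst=198.51.100.10 dport=443
2024-02-01T09:00:02 proto=udp src=10.0.0.5 dst=198.51.100.53 dport=53
2024-02-01T09:00:07 proto=tcp src=10.0.0.23 dst=203.0.113.77 dport=50123
2024-02-01T09:00:09 proto=udp src=10.0.0.23 dst=203.0.113.77 dport=41000
2024-02-01T09:00:11 proto=tcp src=10.0.0.8 dst=10.0.0.9 dport=8443
2024-02-01T09:00:12 proto=tcp src=198.51.100.10 dst=10.0.0.5 dport=51515
2024-02-01T09:00:13 truncated line
"""

def parse(line):
    """Turn 'ts k=v k=v ...' into a dict; raise on malformed lines."""
    fields = dict(kv.split("=", 1) for kv in line.split()[1:] if "=" in kv)
    return {"proto": fields["proto"], "dport": int(fields["dport"]),
            "src": ipaddress.ip_address(fields["src"]),
            "dst": ipaddress.ip_address(fields["dst"])}

def review(log):
    """Return {internal host: [(reason, destination, port), ...]}."""
    findings = defaultdict(list)
    for line in log.splitlines():
        try:
            f = parse(line)
        except (KeyError, ValueError):
            continue  # skip lines that do not match the assumed format
        if f["src"] not in INTERNAL or f["dst"] in INTERNAL:
            continue  # only outbound traffic is of interest here
        if f["proto"] == "udp" and f["dport"] not in ALLOWED_UDP:
            reason = "unneeded-udp"
        elif f["proto"] == "tcp" and f["dport"] >= HIGH_PORT:
            reason = "high-port"
        else:
            continue
        findings[str(f["src"])].append((reason, str(f["dst"]), f["dport"]))
    return dict(findings)

if __name__ == "__main__":
    for host, hits in review(SAMPLE_LOG).items():
        print(host, hits)
```

Hosts that show up in the output are candidates for a closer look and for a tighter egress rule; the inbound, internal-only and malformed lines in the sample are deliberately ignored.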

Educate and Train Employees

Teach employees cybersecurity best practices, how to use complex passwords, and to avoid opening attachments from unfamiliar senders. It may seem pointless at times but repetition is the key and

Other Super Important Things:

  • Conduct regular audits of your system and device accesses, and organize training sessions if you suspect human error.
  • Regularly back up the data on all computers.
  • Have an incident response plan
  • Know how to secure your systems and fix vulnerabilities that may have caused the breach.