Healthcare sector biggest target for data breaches in 2018, report finds

The healthcare industry had more cybersecurity breaches than any other sector in 2018 and the number one cause of breaches across all industries was phishing, according to the fifth annual Data Security Incident Response Report from the law firm BakerHostetler.

This should come as no surprise to healthcare professionals, as 2018 saw the highest number of reported breaches to OCR (those affecting 500 or more healthcare records) with 365, up from 2017’s total of 358.

BakerHostetler examined 750 reported breach incidents in their report and found that 25% of those breaches occurred in the healthcare sector (which includes pharmaceuticals and biotech). The finance and insurance sector and business and professional services sectors each had 17% of all reported breaches, while the retail, restaurant, and hospitality industry saw 12% of all breaches.

According to BakerHostetler’s report, phishing was involved in 37% of all incidents across all sectors, with network intrusions involved in 30% of all breaches, followed by inadvertent disclosures (12%), and lost or stolen devices/records (10%). Although malicious insiders were involved in only 5% of breaches, the report found that employees were responsible for 55% of all breaches, usually through clicking on malicious links in phishing emails.

The study also found that in 91% of ransomware cases, an encryption key was received after an organization paid ransom, and the average ransom paid was almost $29,000. The report was also able to trace the patterns of attackers, and found that once gaining access to a device or account, in 34% of attacks, the next step was to access an Office 365 account. For 30% of attacks, the next step was to roam the network to find available data.