The Healthcare industry handles the sensitive data of the patients. Most of the records consist of the Patient’s medical history, diagnosis, treatments, social security numbers, names, and addresses. In addition, the information about the insurance agreement and billing is also included in it.
The Healthcare industry is one of the easiest targets of hackers. They are more vulnerable to cyberattacks in many ways. In the last few years, it has been seen that healthcare security breaches have grown significantly.
The motive for hackers to steal the data from the health care sector is very simple as the health care providers possess very sensitive data and this data can be used for identity theft. In some cases, it is used to blackmail the patient or to get illegal drug prescriptions.
The health care data is also sold on different platforms by hackers as it is considered a valuable commodity.
In this article, we are going to highlight the top 10 cybersecurity breaches in Healthtech.
CyberSecurity Breach on Telehealth App
Babylon started the initiative which allowed patients and doctors to make an online interaction. It has more than 2.3 million active users in the UK. This interaction is assisted by the audio and video calls, in which medical records can be shared, symptoms can be analyzed and patients can get a prescription and can easily book an appointment.
In 2020 Babylon reported some kind of vulnerability that makes the confidential video conferences of patients with the physicians open to everyone. This incident occurs due to the addition of a new feature that allows switching the audio interaction in video.
The company immediately reacted to the vulnerability and fix the issue and notified the regulators.
Advocate Health care
Advocate health care revealed data breaches in 2013. It includes 4.03 million patients’ unencrypted medical records which have been stolen. The news about this massive security breach came out after four years.
They also stated that took some measures to protect the encrypted data, the system was ready to use but it was not deployed to the sector where this breach occurred.
Banner Health has also faced a cyber attack back in 2016. It started when the hackers used malware to breach the payment processing system of Banner foods and beverages outlets which eventually gave them access to the servers that hold the sensitive data of the patients.
The sensitive data includes; Patients’ social security numbers, information related to the insurance agreements, Services and treatment information, and many more.
Following this cyber attack, Banner Health made amendments to their system, implementing a firm security system. With the inclusion of Payment card industry data security standards.
They also improved access management systems and network security.
University of California Los Angeles Health
In 2015, the University of California Los Angeles health reported a security breach, In which hackers accessed the record of patients. They admitted that the reason behind this security breach is that they had not encrypted the data. Which eventually allowed the hackers to steal the sensitive information.
Vulnerability In Prescription Management Software
Walgreens found this vulnerability in their system, The system of Walgreens is integrated with various pharmacies in the U.S. Which helps the patients to find nearby pharmacies, Online options to purchase medicines, and manage the prescription.
In 2020 they found a security breach in which the patient’s sensitive information like his name, address, and prescription got leaked. Walgreens was quick to fix the vulnerability.
Community Health systems
Community Health Systems reported a network security breach that exposed the information of their patients. The organization said that a group of hackers based in China used advanced malware to attack their systems.
Data includes social security numbers, Names, Birthplace, addresses, and Telephone numbers.
The Community Health System got the assistance of a team of security experts to investigate this cyber attack. Since then the company makes various changes in its system like the inclusion of surveillance technology to detect any outside access and using advanced encryption technology to further protect their system.
Security Breaches In Health Insurance Service Providers Software
This security breach affected Newkirk which is a company that covers a huge network of health insurance companies in the U.S. They provide health care ID cards for various insurance companies.
Hackers got access to the system due to the vulnerability. The vulnerability is found in the system of a third-party software system that is based on a single server.
Due to this security breach, the user’s personal data like names, health care service provider information got leaked. After that Newkirk took some necessary steps to make their system secure and less vulnerable to any other cyber attack in the future.
Medical Informatics Engineering
Medical informatics Engineering is a company that assists in Electronic Health Records & Electronic Medical Records services in the U.S. They reported a security breach in 2015 when the hackers obtained confidential information to get access to their database.
This results in the loss of sensitive records of the patients like their names, addresses, social security numbers, and insurance agreements. It is also revealed later that the company breached HIPAA guidelines.
eResearch provides services of the software that reduce the risk in clinical trials. They reported a ransomware attack in 2020 which affected many clinical trials. After that attack, the software system was shut down for investigation for nearly two weeks.
Libre Health is a company that is giving the services of EHR/EMR through a mobile app system. In 2020 they reported a cyber attack on their system. Which breaches local file inclusion, CSRF, SQL injection, and various other systems.
So far the company claimed that no user data was misused in this cyber attack.
These top 10 Cybersecurity breaches in health tech are a reminder for health care industry experts to come forward and take necessary steps to improve the security system. As the breaches are pretty much expensive. Many Health Tech service providers ignore the importance of cyber security. Which makes them pay millions of dollars to cover the breaches.
Service providers should strictly follow the criteria of HIPPA and invest in improving the security of their systems.