Even though it is only three months old, 2015 is quickly becoming the year of the health care data breach. The latest in a string of cyberattacks aimed at health care providers came last week when insurance company Premera Blue Cross announced it had been hacked. The data breach may have exposed the medical and financial information of 11 million customers, making it the largest attack to date involving medical information, The New York Times reported.
Officials with the insurance firm said that the cybercriminals behind the attack may also have compromised claims data, such as clinical information, bank account numbers, Social Security numbers and birth dates. The breach is believed to have started almost a year ago, in May 2014. The majority of account holders affected reside in Washington state, as the insurance company has customers from major corporations like Amazon, Starbucks and Microsoft.
According to Eric Earling, a spokesperson for Premera, the breach was discovered on Jan. 29, the same day that Anthem disclosed the hack of its systems. According to Earling, however, the two attacks are not related to one another and the Premera breach was identified independently from Anthem's.
Health information growing more valuable
Although previous breaches like those that occurred at Anthem and hospital operator Community Health Systems involved a higher number of total records that were compromised, those incidents did not involve the theft or exposure of medical information. Security professionals are most concerned about malicious actors gaining access to medical data because it can be used to conduct serious instances of insurance fraud.
"Medical records paint a really personal picture of somebody's life and medical procedures," said Dave Kennedy, a healthcare security expert, in an interview with the Times. "They allow you to perpetrate really in-depth medical fraud."
The more information a hacker knows about the person they are posing as, the better chance they have at successfully committing medical fraud. Unlike identity theft used to open credit cards or take out loans, medical fraud can be perpetrated for years before anyone catches on that doctors visits and prescriptions have been obtained unlawfully.
Cybersecurity experts are warning healthcare providers and patients alike that cyberattacks targeting medical information will begin to occur more frequently as the data up for grabs becomes increasingly valuable. According to the Department of Health and Human Services, the personal information of more than 120 million people has been exposed in over 1,100 different breaches at organizations dealing with healthcare data since 2009. That's equivalent to one-third of the U.S. population having their medical data exposed in just the last six years.
"We are certainly seeing a rise in the number of individuals affected by hacking [or] IT incidents," said Rachel Seeger, a spokesperson for HHS's Office for Civil Rights. "These incidents have the potential to affect very large numbers of health care consumers, as evidenced by the recent Anthem and Premera breaches."
Protecting sensitive data from all ends
While many may think that health care providers are being targeted by sophisticated hackers breaking into organizations' computer systems, that's rarely the case. Many breaches involve a lost or stolen device containing patient files or the improper disposal of records. One of the best ways for health care organizations to maintain a better level of security around all endpoints is to implement a security information and event management service like FireBreak from ArcticWolf.
A concierge SIEM solution, the program provides continuous monitoring of privileged networks to learn system behavior. Any unusual or suspicious activity is noted and recorded for later analysis which can then be used to create a more robust defense strategy. With so many cybercriminals turning their attention to medical data, there has never been a better time for health care organizations to get serious about cybersecurity.
Cybersecurity news and analysis brought to you by ArcticWolf, inventors of firebreak detection and response security services. FireBreak, when your firewall fails.