An alarming trend persisted in 2020 as hospitals and health systems battled COVID-19 surges and raced to develop a better understanding of the virus: hacking incidents increased for the fifth year in a row.
Specifically, the number of publicly reported hacking incidents jumped 42% year over year, from 330 in 2019 to 470 in 2020, according to the recently published 2021 Protenus Breach Barometer. Hacking incidents were the most common category of data breaches in 2020, comprising 62% of all events.
Download the 2021 Breach Barometer® for the latest insights on how data breaches are impacting the healthcare industry.
One of the most concerning consequences of hacking events in 2020 was the impact on patients. Data on how many patient records were exposed was available for 277 of the hacking incidents, which compromised a combined 31,080,823 records. In other words, the hacking category of data breaches exposed more than 31 million individuals to serious risks that can range from identity theft to medical blackmail.
Hacking incidents and other kinds of breaches also carry significant consequences for the healthcare institutions that fall victim. Along with causing reputational damage, these disturbances create massive financial strain on already-hurting hospitals. In healthcare, the average cost of a data breach in 2020 was a staggering $7.13 million, according to the Ponemon Institute's Cost of a Data Breach Report — and malicious attacks, which include hacking incidents, account for a significant portion of all these astronomically expensive breaches.
No reprieve for hospitals
With 2021 well underway, many of the factors that were advantageous for hackers last year are still at play. For starters, COVID-19 continues to consume healthcare's attention, as variants account for an increasing portion of U.S. infections and make rapid, widespread inoculation all the more urgent. These important efforts inevitably deplete resources that could be devoted to protection against hacks and other breaches under normal circumstances.
Anecdotally, we know that some hospitals have attempted to alleviate financial strain by paring down compliance teams, placing the growing challenge of safeguarding patient data on even fewer shoulders. All the while, the rise of work-from-home among remaining nonclinical employees gives hackers greater opportunity to successfully carry out cyberattacks.
Moreover, hospitals are still accumulating valuable COVID-19-related data and research that made them a prime target for hackers last year. This kind of information is of tremendous interest to a variety of stakeholders, from reporters to foreign entities, and the organizations housing it face an elevated risk of attacks.
Altering the trajectory
These conditions, as well as others exacerbating healthcare's vulnerability to hacking incidents and other breaches, cannot be ignored. They also cannot be properly mitigated by compliance teams relying on incomplete, inefficient manual audits, as evidenced by the Breach Barometer's finding that the average time to discover a health data breach was 187 days in 2020. With time-to-containment factored in, the total length of an incident jumps to 329 days, the Ponemon Institute found.
Each day a breach goes unresolved, costly consequences climb for both healthcare organizations and their patients. Unfortunately, with healthcare data only growing more valuable, opportunistic hackers are not backing off of these devastating attacks in 2021. Alas, it's up to healthcare organizations themselves to reverse the steady rise in hacking incidents.
One impactful way to alter the trajectory is simple: utilize artificial intelligence. AI platforms can not only help lower the average cost of a healthcare data breach by $232,452, per the Ponemon Institute, but they can actually help prevent 7-million-dollar breaches from occurring in the first place.
Ultimately, investment in a cost- and risk-reducing AI platform can get healthcare moving in the right direction with regard to hacking and other data breaches. Now, it's up to healthcare decision-makers: Will you take this necessary step to protect your organization and patients from rising threats?
Download the 2021 Protenus Breach Barometer® to better understand how data breaches are affecting healthcare in the midst of a pandemic.