Cyber attacks on health care up 136% last year

Cyber attacks on health care : © Prostock_studio - stock.adobe.com

In 2023, the US had an alarming amount of data breaches, with 3,205 occurrences taking place, according to a recent study from SOAX. This marks a significant 78% increase, as there were only 1,801 data breaches reported in 2022. The difference between 2022 and 2023 has impacted a staggering 353,027,892 citizens nationally.

Stepan Solovev, CEO and co-founder at SOAX, said, “The study has identified a concerningly sharp rise in cyber incidents across all US industries in 2023, which is particularly alarming, especially within the healthcare and financial services industries. These sectors store vast amounts of sensitive information, making them lucrative targets for cybercriminals.”

In the last year, the health care industry has had 809 data violation cases, rising from 343 cases in 2022. Unfortunately, these cases affected 56 million victims in health care, noting a 136% increase.

For comparison, the financial services industry was the second industry most at risk of attack, with 744 reported data violation cases in 2023. In 2022, there were only 269 cases in the sector, causing a 177% increase, the highest amongst all industries in the study. 61 million people were affected by the cases, indicating more protection is also needed against cybercriminals in the industry.

Meanwhile, the professional services industry came in as the third most at risk after having 308 reported cases, impacting 30 million people. This sector experienced a 38% increase compared to 2022, where there were only 223 reported cases.

Another vulnerable industry was manufacturing, facing 259 data breach incidents from cyberattacks last year. 5 million victims were impacted. The education sector also saw 4 million people be impacted by cyberattacks, with a 73% rise of 173 cases, opposed to 100 cases in 2022.

The new findings also suggest that the health care industry, along with other sectors, need to invest more in cybersecurity measures, as the study found that the health care and financial services industries were the most vulnerable to malicious intrusions.

"Maintaining effective cybersecurity practices is crucial for mitigating risks and protecting against potential breaches,” Solovev said. “It is crucial that organizations within these sectors continue to invest in cybersecurity defense mechanisms. This includes thorough and regular employee training, encouraging staff to stay vigilant against cyber threats.”

To combat cyberattacks in health care, the Identify Theft Resource Center (ITRC) recommends that the industry strengthens its uniform breach notice laws, adopting more advanced digital credentials and facial comparison systems, and improving vendor due diligence.