Cybercrimes are on the rise in almost every industry. The healthcare industry was especially hard hit in 2020. More than 10 million people were affected by the healthcare data breaches in 2020. The top healthcare data breaches in 2020:
In July, Trinity’s philanthropy database vendor, Blackbaud, notified the health system that it had been the victim of a cyberattack, potentially obtaining access to patient and donor information of 3,320,726. In a security notice, Blackbaud said that it had paid the ransom to have the data copy destroyed.
Inova was affected by the Blackbaud security incident. The Virginia-based system determined that the threat actor may have accessed the personal information of patients and donors. Inova said a total of 1,045,270 Individuals were affected by this security incident.
In June, for example, Arizona-based Magellan Health reported that it was targeted by a ransomware attack that may have affected 1,013,956 individuals, according to HHS. Dental Care Alliance, a Florida-based dental support organization, reported that 1,004,304 patients were likely affected by a cybersecurity attack.
Luxottica, the eyewear firm, said that its web portal was targeted in a cyberattack that has resulted in a breach of over 800,000 patients’ private data. According to Luxottica’s breach notice, the appointment scheduling solution was infiltrated by hackers on August 5, 2020. The cybercriminals may have obtained access to the personal and protected health information of their business partners’ patients, the company said.
The integrated healthcare system, Northern Light Health Foundation, has announced it has been affected by a ransomware attack on Blackbaud. The databases (which contained the records of 657,392 individuals) affected included information about donors, potential donors, and individuals who may have attended a fundraising event in the past.
Oregon’s Medicaid coordinated-care organization, Health Share of Oregon, said nearly 654,000 personal information of its members (current and former members) was stored on a laptop computer stolen from its transportation vendor, GridWorks. GridWorks was contracted to manage Health Share’s Ride to Care program, through which Health Share provided non-emergent transportation for its members.
Florida Orthopaedic Institute (FOI), a healthcare provider based in Tampa, reported a breach earlier this month following an April security incident. The breach affected 640,000 individuals, according to the Office for Civil Rights (OCR) breach portal.
In May, Elkhart Emergency Physicians reported an improperly disposed breach, which impacted 550,000 individuals, affecting Elkhart healthcare records from 2002 through 2010.
Healthcare security software companies have raised over $300 VC funding since 2015, according to Mercom’s healthcare security funding Data.