Skip to content
CIO CHIME
Login
  • About
    • AEHIS, AEHADA & AEHIT
    • Board & Staff
    • Careers with CHIME
    • Contact
    • Mission, Vision & History
    • News, Press & Stories
    • Public Policy
    • Opioid Action Center
    • CHIME Innovation
    • Scholarships
  • Membership
    • Join CHIME
    • Awards & Honors
    • CHIME International
    • Committees
    • FAQs
    • Member Spotlights
  • Education
    • Certified Digital Health Prog.
    • Boot Camps
      • Healthcare CIO Boot Camp™ 2024
    • Healthtech Leader 3.0 Wrap Up
    • Online Learning
    • Webinars
    • Speaking Opportunities
    • Scholarships
  • Certification
    • CEUs
    • CDH Program
    • CHCIO
    • CHCIO International
    • CHISL
    • Look Who’s Certified!
  • Digital Health Most Wired
  • Foundation
    • About
    • Board & Staff
    • Partner Education – 2022
    • Foundation Membership
      • Benefits
      • Application
      • AEHIS, AEHIA & AEHIT
    • Foundation Partners
    • Sponsorship Opportunities
    • Education Foundation
      • Board and Staff
      • Apply for a Scholarship
      • Donate Now
      • Stettheimer Scholarship
    • Awards
    • Terms of Use Policies
    • CHIME Tech
      • About
      • Board & Staff
      • Advisory Services
      • Cooperative Member Services
      • Leadership Academy
      • Speakers Bureau
  • Media
    • CHIME Media
    • Digital Health Leaders
  • CHIME IN for Change

News & Press

Home » News & Press » Critical Insight Finds 35 Percent Increase in Attacks on Health Plans in 2021 End of Year Healthcare Data Breach Report

Critical Insight Finds 35 Percent Increase in Attacks on Health Plans in 2021 End of Year Healthcare Data Breach Report


SEATTLE, January 31, 2022 –Critical Insight, a Managed Detection and Response (MDR) service provider specializing in protecting the networks of life-saving organizations and critical infrastructure, announced today the release of the firm’s 2H 2021 Healthcare Data Breach Report, which analyzes ​​breach data reported to the U.S. Department of Health and Human Services by healthcare organizations.

As we entered the second year of the pandemic in 2021, healthcare systems found themselves under unprecedented and unrelenting stress. Frontline healthcare workers continued to be understaffed and overworked. Hospitals were so overcrowded that they have been forced to postpone routine medical procedures until the latest surge of COVID-19 cases subsides.

Similarly, IT departments at healthcare organizations faced critical skills and staffing shortages as they battled the latest cyberattack variants. Today, those departments continue to be stretched so thin dealing with pandemic-related crises that routine security measures may fall by the wayside, breaches may go undetected for weeks, and efforts to validate the security measures undertaken by affiliates and third parties may fall short.

Key Findings:

  • Total Individuals Affected: 2021 hit a high of 45 million individuals affected by healthcare attacks, up from 34 million in 2020. That 45 million number is triple the number of individuals impacted only three years ago. (The number was 14 million in 2018)
  • Who is Getting Breached?: Attacks against health plans jumped nearly 35% from 2020 to 2021. And attacks against business associates, or third-party vendors, increased nearly 18% from 2020 to 2021. Fortunately, attacks against Healthcare Providers (where most breaches are historically reported) declined slightly after peaking in 2020 (down ~4%).
  • Most Common Breach Causes: Hacking/IT incidents continue to be the most common cause of breaches with an increase of 10% in 2021. Hacking was also responsible for the vast majority of individual records that were affected by breaches, which means those records were likely sold on the Dark Web.
  • One thing we’re watching: When we look at which segments of the healthcare ecosystem had Hacking/IT Incident type breaches, we’re now seeing outpatient/specialty clinics have more Hacking/IT Incident type breaches than hospitals. Outpatient/specialty clinics saw a 41% increase in Hacking/IT Incident type breaches in 2021 compared to 2020.

“Whether the attack vector is ransomware, credential harvesting or stealing devices, the healthcare industry is a prime target for attackers to monetize PHI and sell on the Dark Web or hold an entity ransom unable to deliver patient care,” said John Delano, Healthcare Cybersecurity Strategist at Critical Insight and Vice President at Christus Health. “As we continue into 2022, healthcare organizations need to be on guard not only of their cybersecurity posture but also of third party vendors that have access to data and networks. We are seeing more awareness and proactive approaches to cybersecurity within this sector, but there is still a long way to go.”

 

About Critical Insight

Critical Insight delivers cyber security that’s critical to your mission. We defend your organization with a personalized blend of MDR, managed, and professional services, to assess, test, and monitor 24×7. IT teams get their day jobs back with a full staff of expertise for less than the cost of one employee. We make cyber security a path to progress, from ensuring compliance to driving customer preference. We’re committed to defending those who serve us all, so no organization has to go without an effective cyber defense. Critical Insight. We Defend. You Thrive.

Find out more at https://cybersecurity.criticalinsight.com/2021_H2_HealthcareDataBreachReport

 

Media Contact:

Jake Milstein

Critical Insight

206-347-0588

[email protected]

Media Inquiries

For media inquiries and interview requests please contact:

[email protected]

News, Press & Stories

  • Press Releases & Statements
  • Inside CHIME
  • In the News
  • CHIME Foundation Insight
  • Foundation Press Releases

CHIME Public Policy In the News

Cybersecurity Is Patient Safety: CHIME Submits Comments on Sen. Warren’s Cybersecurity Policy Paper

MEMBERSHIP

LEARN MORE & APPLY LOG IN

UPCOMING EVENTS SEE MORE

  • 11/16/2023 - Managing complexity through healthcare M&A and divestitures
  • 12/11/2023 - Mastering Healthcare Data Archiving: Solving the Problems Associated with Legacy Systems
  • 12/11/2023 - Elevating Healthcare: A Fireside Chat on Digital Health Strategy for CIOs
  • SITE
    • About
    • Membership
    • Education
    • Certification
    • Digital Health Most Wired
    • Foundation
    • Media
    • CHIME IN for Change
  • MEMBERSHIP
    • Login
    • Become a Member
    • Become a Foundation Partner
  • SOCIAL
    •            
  • CONTACT US

    455 E. Eisenhower Parkway Suite 300
    Ann Arbor, MI 48108
    Phone: (734) 665-0000

    MAP & DIRECTIONS

  • Logo
  • About
    • AEHIS, AEHADA & AEHIT
    • Board & Staff
    • Careers with CHIME
    • Contact
    • Mission, Vision & History
    • News, Press & Stories
    • Public Policy
    • Opioid Action Center
    • CHIME Innovation
    • Scholarships
  • Membership
    • Join CHIME
    • Awards & Honors
    • CHIME International
    • Committees
    • FAQs
    • Member Spotlights
  • Education
    • Certified Digital Health Prog.
    • Boot Camps
      • Healthcare CIO Boot Camp™ 2024
    • Healthtech Leader 3.0 Wrap Up
    • Online Learning
    • Webinars
    • Speaking Opportunities
    • Scholarships
  • Certification
    • CEUs
    • CDH Program
    • CHCIO
    • CHCIO International
    • CHISL
    • Look Who’s Certified!
  • Digital Health Most Wired
  • Foundation
    • About
    • Board & Staff
    • Partner Education – 2022
    • Foundation Membership
      • Benefits
      • Application
      • AEHIS, AEHIA & AEHIT
    • Foundation Partners
    • Sponsorship Opportunities
    • Education Foundation
      • Board and Staff
      • Apply for a Scholarship
      • Donate Now
      • Stettheimer Scholarship
    • Awards
    • Terms of Use Policies
    • CHIME Tech
      • About
      • Board & Staff
      • Advisory Services
      • Cooperative Member Services
      • Leadership Academy
      • Speakers Bureau
  • Media
    • CHIME Media
    • Digital Health Leaders
  • CHIME IN for Change
Copyright 2023 CHIME College of Healthcare Information Management Executives
Sponsors
Privacy Policy     Terms of Use    Web Design by build/create
By using our website you agree to our updated Privacy Policy and Terms of Use. I Accept