Skip to content
CIO CHIME
Login
  • About
    • AEHIS, AEHIA & AEHIT
    • Board & Staff
    • Careers with CHIME
    • Contact
    • Mission, Vision & History
    • News, Press & Stories
    • Public Policy
    • Opioid Action Center
    • CHIME Innovation
    • Scholarships
  • Membership
    • Join CHIME
    • Awards & Honors
    • CHIME International
    • Committees
    • FAQs
    • Member Spotlights
  • Education
    • Health & Safety
    • CHIME University Programs
    • Certified Digital Health Prog.
    • ViVE Event 2023
    • Boot Camps
      • CIO Boot Camp™ 23
      • CISO Boot Camp 23
      • CIL Boot Camp 23
      • July CIO Boot Camp™ 23
      • July CISO Boot Camp 23
    • Cybersecurity Summit 23
    • CHIME23 Fall Forum
    • Online Learning
    • Webinars
    • Speaking Opportunities
    • Scholarships
  • Certification
    • CEUs
    • CDH Program
    • CHCIO
    • CHCIO International
    • CHISL
    • Look Who’s Certified!
  • Digital Health Most Wired
  • Foundation
    • About
    • Board & Staff
    • Partner Education – 2022
    • Foundation Membership
      • Benefits
      • Application
      • AEHIS, AEHIA & AEHIT
    • Foundation Partners
    • Sponsorship Opportunities
    • Education Foundation
      • About
      • Board and Staff
      • Donate
      • Pay It Forward
      • Scholarships
      • Stettheimer Scholarship
    • Awards
    • Terms of Use Policies
    • CHIME Tech
      • About
      • Board & Staff
      • Advisory Services
      • Cooperative Member Services
      • Leadership Academy
      • Speakers Bureau
  • 30th Anniversary
  • Media
    • CHIME Media
    • Digital Health Leaders

News & Press

Home » News & Press » Critical Insight Finds 35 Percent Increase in Attacks on Health Plans in 2021 End of Year Healthcare Data Breach Report

Critical Insight Finds 35 Percent Increase in Attacks on Health Plans in 2021 End of Year Healthcare Data Breach Report


SEATTLE, January 31, 2022 –Critical Insight, a Managed Detection and Response (MDR) service provider specializing in protecting the networks of life-saving organizations and critical infrastructure, announced today the release of the firm’s 2H 2021 Healthcare Data Breach Report, which analyzes ​​breach data reported to the U.S. Department of Health and Human Services by healthcare organizations.

As we entered the second year of the pandemic in 2021, healthcare systems found themselves under unprecedented and unrelenting stress. Frontline healthcare workers continued to be understaffed and overworked. Hospitals were so overcrowded that they have been forced to postpone routine medical procedures until the latest surge of COVID-19 cases subsides.

Similarly, IT departments at healthcare organizations faced critical skills and staffing shortages as they battled the latest cyberattack variants. Today, those departments continue to be stretched so thin dealing with pandemic-related crises that routine security measures may fall by the wayside, breaches may go undetected for weeks, and efforts to validate the security measures undertaken by affiliates and third parties may fall short.

Key Findings:

  • Total Individuals Affected: 2021 hit a high of 45 million individuals affected by healthcare attacks, up from 34 million in 2020. That 45 million number is triple the number of individuals impacted only three years ago. (The number was 14 million in 2018)
  • Who is Getting Breached?: Attacks against health plans jumped nearly 35% from 2020 to 2021. And attacks against business associates, or third-party vendors, increased nearly 18% from 2020 to 2021. Fortunately, attacks against Healthcare Providers (where most breaches are historically reported) declined slightly after peaking in 2020 (down ~4%).
  • Most Common Breach Causes: Hacking/IT incidents continue to be the most common cause of breaches with an increase of 10% in 2021. Hacking was also responsible for the vast majority of individual records that were affected by breaches, which means those records were likely sold on the Dark Web.
  • One thing we’re watching: When we look at which segments of the healthcare ecosystem had Hacking/IT Incident type breaches, we’re now seeing outpatient/specialty clinics have more Hacking/IT Incident type breaches than hospitals. Outpatient/specialty clinics saw a 41% increase in Hacking/IT Incident type breaches in 2021 compared to 2020.

“Whether the attack vector is ransomware, credential harvesting or stealing devices, the healthcare industry is a prime target for attackers to monetize PHI and sell on the Dark Web or hold an entity ransom unable to deliver patient care,” said John Delano, Healthcare Cybersecurity Strategist at Critical Insight and Vice President at Christus Health. “As we continue into 2022, healthcare organizations need to be on guard not only of their cybersecurity posture but also of third party vendors that have access to data and networks. We are seeing more awareness and proactive approaches to cybersecurity within this sector, but there is still a long way to go.”

 

About Critical Insight

Critical Insight delivers cyber security that’s critical to your mission. We defend your organization with a personalized blend of MDR, managed, and professional services, to assess, test, and monitor 24×7. IT teams get their day jobs back with a full staff of expertise for less than the cost of one employee. We make cyber security a path to progress, from ensuring compliance to driving customer preference. We’re committed to defending those who serve us all, so no organization has to go without an effective cyber defense. Critical Insight. We Defend. You Thrive.

Find out more at https://cybersecurity.criticalinsight.com/2021_H2_HealthcareDataBreachReport

 

Media Contact:

Jake Milstein

Critical Insight

206-347-0588

[email protected]

Media Inquiries

For media inquiries and interview requests please contact:

[email protected]

News, Press & Stories

  • Press Releases & Statements
  • Inside CHIME
  • In the News
  • CHIME Foundation Insight
  • Foundation Press Releases

New Initiatives

MEMBERSHIP

LEARN MORE & APPLY LOG IN

UPCOMING EVENTS SEE MORE

  • 01/26/2023 - ViVE 2023 CHIME Provider Member Live Webinar
  • 03/22/2023 - AEHIS-Healthcare technology has come of age, but is our digital identity strategy mature?
  • 03/23/2023 - Partnering with EHR vendors to change the way software is designed and developed
  • SITE
    • About
    • Membership
    • Education
    • Certification
    • Digital Health Most Wired
    • Foundation
    • 30th Anniversary
    • Media
  • MEMBERSHIP
    • Login
    • Become a Member
    • Become a Foundation Partner
  • SOCIAL
    •            
  • CONTACT US

    455 E. Eisenhower Parkway Suite 300
    Ann Arbor, MI 48108
    Phone: (734) 665-0000

    MAP & DIRECTIONS

  • Logo
  • About
    • AEHIS, AEHIA & AEHIT
    • Board & Staff
    • Careers with CHIME
    • Contact
    • Mission, Vision & History
    • News, Press & Stories
    • Public Policy
    • Opioid Action Center
    • CHIME Innovation
    • Scholarships
  • Membership
    • Join CHIME
    • Awards & Honors
    • CHIME International
    • Committees
    • FAQs
    • Member Spotlights
  • Education
    • Health & Safety
    • CHIME University Programs
    • Certified Digital Health Prog.
    • ViVE Event 2023
    • Boot Camps
      • CIO Boot Camp™ 23
      • CISO Boot Camp 23
      • CIL Boot Camp 23
      • July CIO Boot Camp™ 23
      • July CISO Boot Camp 23
    • Cybersecurity Summit 23
    • CHIME23 Fall Forum
    • Online Learning
    • Webinars
    • Speaking Opportunities
    • Scholarships
  • Certification
    • CEUs
    • CDH Program
    • CHCIO
    • CHCIO International
    • CHISL
    • Look Who’s Certified!
  • Digital Health Most Wired
  • Foundation
    • About
    • Board & Staff
    • Partner Education – 2022
    • Foundation Membership
      • Benefits
      • Application
      • AEHIS, AEHIA & AEHIT
    • Foundation Partners
    • Sponsorship Opportunities
    • Education Foundation
      • About
      • Board and Staff
      • Donate
      • Pay It Forward
      • Scholarships
      • Stettheimer Scholarship
    • Awards
    • Terms of Use Policies
    • CHIME Tech
      • About
      • Board & Staff
      • Advisory Services
      • Cooperative Member Services
      • Leadership Academy
      • Speakers Bureau
  • 30th Anniversary
  • Media
    • CHIME Media
    • Digital Health Leaders
Copyright 2023 CHIME College of Healthcare Information Management Executives
Sponsors
Privacy Policy     Terms of Use    Web Design by build/create
By using our website you agree to our updated Privacy Policy and Terms of Use. I Accept