10 OF THE LARGEST HEALTHCARE DATA BREACHES OF 2016

After IBM declared 2015 the year of the healthcare data breach, was 2016 the year we finally turned the corner and made headway against hackers in the cyberwar for individuals’ protected health information?  

Unfortunately, that was not the case. While there wasn’t a high-profile breach such as Anthem Health with which to contend, there were still plenty of successful cyberattacks stealing millions of individuals’ personally identifiable information (PII) and protected health information (PHI).  

As we continue to wage the cyber battle in 2017, it’s important to take stock at what happened in order to prepare for a safer future. Those who do not remember the past are condemned to repeat itLet’s take a look at 10 of the biggest healthcare data breaches in 2016:  

  1. Banner Health: 3.7 million patients, health plan members, beneficiaries, and food/beverage customers had their information stolen by hackers in an attack on this Arizona-based company 
  2. Newkirk Products: 3.3 million individuals had their PII stolen in an attack on the ID card issuer for health insurance plans.  
  3. 21st Century Oncology: The Florida-based cancer care services provider fell victim to a data breach affecting 2.2 million individuals; PHI, Social Security numbers, and insurance information was among the data stolen. 
  4. Valley Anesthesiology and Pain Consultants: A third-party accessed this Phoenix-based clinic’s computer systems and stole the PII of nearly 900,000 of its patients, employees, and partners.  
  5. Bon Secours Health System: A vendor mistakenly left this New York-based company’s patient information accessible on the Internet, leading to a breach of PHI for approximately 650,000 patients.  
  6. Peachtree Orthopaedic Clinic: The Atlanta-based clinic’s network server was hacked, affecting 531,000 individuals.  
  7. Radiology Regional Center: This Florida-based center fell victim to patient records falling off the back of a waste management truck (no, we’re not kidding). More than 480,000 individuals were affected.  
  8. California Correctional Health Care Services: This provider of healthcare to adult inmates fell victim to a stolen laptop, affecting approximately 400,000 individuals’ PHI 
  9. Central Ohio Urology Group: Hackers penetrated an internal file server, releasing data on more than 300,000 individuals.  
  10. Premier Healthcare LLC: Another laptop was stolen from an employee of this Indiana-based companyleading to more than 205,000 individuals having their PHI exposed to hackers. 

From ransomware to stolen laptops – and even garbage falling off the back of a truck – it seems many are still not learning the lessons of prior hacks on healthcare. This topic will be a top priority for many of us attending HIMSS in February, the largest healthcare IT show in America. Healthcare companies need to stay ahead of these five trends in healthcare IT: 

  1. Patient information on the black market 
  2. Medicare and private insurer scams  
  3. Encryption 
  4. Industry-wide skepticism and fear 
  5. Migration to cloud computing services 

The good news is you don’t have to wait for HIMSS to learn more – contact us today so we can show you how our managed security services for on-premises or cloud environments will extend your IT teams, unburden them, and secure your data.   

US Cyber Vault is a leading sponsor of the Cyber Security Command Center at HIMSS 2017 in Orlando, FL - Feb 19-23 both in the Cybersecurity Command Center at Kiosk 13 and in our own flagship booth 487 right next to the Command Center.