Healthcare data breach volumes decline but victims increase

Data breaches in healthcare decreased by 15% between the second half of 2022 and the first six months of 2023 but individuals affected by such breaches rose from 31 million to 40 million, which is the highest on record, with the increase attributed to the impact from breaches at Managed Care of North America and PharMerica, which are the third- and fourth-largest on record, respectively, reports FierceHealthcare. Both unauthorized access/disclosure breaches and third-party compromise against healthcare organizations increased, with network server compromise emerging as the most prevalent point of entry among threat actors as organizations bolstered their phishing attack protections, according to a Critical Insight report. "Our report found that hackers are increasingly targeting the weakest links and vulnerable points in the supply chain, specifically business associates or third-party companies, that offer services to healthcare organizations emphasizing the importance of effective incident response planning and proactive defense strategies. Now more than ever, healthcare organizations must remain vigilant of their security and exposures within their supply chain as attackers constantly adapt new strategies," said Critical Insight Healthcare Cybersecurity Strategist John Delano.