Healthcare providers can’t catch a break.
The number of individuals affected by healthcare data breaches has increased steadily over the last year, according to data obtained from the U.S. Department of Health and Human Services. As hospitals and other healthcare providers grapple with an influx of COVID-19 patients, they’re also struggling with cybersecurity incidents: From February to July, the average number of breached individuals reached about 1.3 million per month, compared to about 700,000 for the six months prior, the data shows.
The uptick is due in part to several large breaches that were recently disclosed by healthcare firms. In June, for example, Arizona-based Magellan Health reported that it was targeted by a ransomware attack that may have affected 1,013,956 individuals, according to HHS. In July, Florida Orthopaedic Institute disclosed that a ransomware attack may have affected 640,000 individuals.
In addition to ransomware attacks, the information collected by HHS includes a wide range of data loss incidents, including improper disposal of documents, theft and loss of devices, and unauthorized access to computer systems.
Although it’s unclear if the increase in reported healthcare breaches is related to the coronavirus outbreak, hackers have tried capitalizing on the crisis by incorporating it into phishing attacks and other scams.