An insight: 2020’s biggest healthcare data breaches

Over the last few years, healthcare data breaches have increased rapidly, with millions of records getting effect. This year, healthcare data breaches continue to be of major concern – it requires healthcare providers to ensure proper disposal of documents, establishing secure remote connections, and spreading awareness about phishing attacks.

Based on a report, by the end of 2020, security breaches would cost about USD 6 trillion purely in the healthcare sector.

Here are a few major healthcare data breaches this year that spotlight the current vulnerabilities and scope for improvement:

Healthcare Sector Cybersecurity Services

1) Florida Orthopaedic Institute

Due to a ransomware attack on the Florida Orthopedic Institute (FOI), there was a data breach of nearly 640,000 patients. After discovering the attack, administrators could contain the system, but the investigation revealed that patient data was accessed during this breach.

The patient data that was accessed had varying information as per the patient but included sensitive information like Social Security Numbers (SSN), insurance plan id numbers, payment amounts, date of birth, payer id number, and previous claims.

2) Aveanna Healthcare

After the first phishing attack detected on August 24, 2019, by Aveanna Healthcare in Georgia, the pediatric home care provider discovered that numerous employee email accounts were hacked.

Post an account review in December 2019, and the compromised data featured patient details, SSN (Social Security Numbers), medical and financial details, ID numbers, and license details.

Since the organization delayed notifying patients of the breach, i.e., beyond the 60 days, nearly 100 breach victims filed a case against Aveanna Healthcare.

As per the lawsuit, “The private information was maintained on Aveanna’s computer network in a condition vulnerable to cyberattacks, including the infiltration of certain email accounts containing [patients]’ private information.”

ALSO READ | Infographic: Tips To Prevent Ransomware Attacks!

3) BJC health system

In May 2020, BJC Healthcare started contacting 2,87,876 patients from 19 of its affiliate hospitals that their personal and healthcare data was compromised after a cyber phishing attack.

Before this, the accounts of three BJC health employees were hacked. However, it was not clear if any patient information, email trails, or files were accessed or downloaded during the attack. Post analysis, BJC analyzed all the emails and records to understand which patients were affected and the kind of information present in the documents accessed.

With the threat of cyber attacks increasing in the healthcare sector, it is estimated that healthcare organizations will invest USD 65 million in cybersecurity until 2021.

ALSO READ | Telemedicine and Cybersecurity: Securing Health Data!

How, StealthLabs, aims to help you

Helathcare Data Breach

Since security has emerged as one of the major concerns today, StealthLabs offers strong domain expertise and valuable experience in the areas of Compliance Advisory, Incident Response, Identity Access Management and Managed IT Security.

Contact Us


More Cybersecurity Articles: