2020 hasn’t been a promising year for many. Making matters worse, the healthcare industry which has always been our saviour (actually, more than a saviour in 2020) has seen the worst of cyberattacks ever. Yes, we’ve seen these attacks happening in other industries as well but a cyberattack pertaining to the healthcare sector has its own set of challenges. Healthcare industry is associated with loads of data and is also said to possess weak security in comparison to other sectors which is why it is prone to cyber-attacks. Theft of identity and other relevant information is the motive, needless to say.
Having said that, let’s have a look at the healthcare industry’s cyberattacks in the year 2020 that left the world baffled.
There are always some events (good as well as bad) that remain in our memory forever. Well, the cyber-attack of Blackbaud is surely one of those events that’ll remain imprinted in our minds.
The very thought of breaching the data of millions of patients leaves us terrified. Now imagining how impulsive this attack would have been (though, it still is) for there is still no clear information available as to how many patients have been impacted so far itself sends chills down the spine. But, it is believed that over 10 million patients have been breached of their data. Yes, you read that right. OVER 10 MILLION!!
It was in the month of May that Blackbaud was infected with a ransomware attack. Even though the company’s cyber-security team was able to stop the attackers in midway, the attackers still had a good chunk of data with them such as name, contact details, health details, etc.
With over 10 million people being affected, this surely stands as one of the worst cyber-attacks one can think of.
Luxottica, an eye-care conglomerate saw one of the worst cyber-attacks in the year 2020. In August, the attacker hacked the web-based appointment scheduling application (used to schedule appointments) that is managed by Luxottica. It was after 4 days of being hacked that it was detected.
It was found that the data about prescriptions, health insurance details, date and time of appointment, credit card information, etc. of as many as 8.29 lakh patients were stolen, making it yet another major cyber-attack in 2020.
HEALTH SHARE OF OREGON
What could be worse than breaching data by stealing a laptop that had data of not hundreds, not thousands but lakhs of people? This is exactly what happened when the laptop owned by a transportation vendor of the Health Share of Oregon got stolen and data of about 6.5 lakh patients was at stake.
The device that got stolen had information about the contact details of the patients, Medicaid ID numbers, date of birth, etc. The only thing that relieved the tension to some extent was that the device had no information about the health history of the patients. But, with 6.5 lakh patients’ data being involved in the attack, this surely makes its place in the top attacks of the year.
This cyber-attack came into light in the month of September. Aspenpointe, a behavioural and mental health provider, issued a statement saying that approximately the data of approximately 3 lakh patients was compromised. It was during this period that the company had to stop a majority of its operations for a number of days. A thorough investigation into this matter finally could reveal that the hackers who were involved in this attack had gathered information like contact details, bank account details, date of birth, etc.
Magellan Health plan’s servers were hit by a ransomware attack in the month of April and the attack was severe enough as with this attack nearly 3.65 lakh patients and employees got impacted. Hackers had gained access by leveraging a social engineering phishing scheme that impersonated a Magellan Health client and all this was done 5 days prior to the attack.
Employee information like their credentials, passwords, etc. and patient data like health insurance account information, contact details, treatment information, etc. was stolen.
While the healthcare sector continues to offer life-saving services and is undoubtedly a blessing for all of us, but the number of cyber-attacks in this industry raises concern about its weak security. It is high time now that this is taken note of and come up with solutions to put a halt to these attacks.