Hospital Sisters Health System restores health record access | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

It starts with an often-paralyzing attack on computer systems. Doctors scramble to notify patients awaiting surgery that their procedures have been delayed due to a ransomware attack.

Sometimes a single cyberattack can impact hospitals across multiple states, as was the case when hackers targeted CommonSpirit Health in October 2022. Just one reported case of ransomware has allegedly led to the death of a patient. More often, patients’ sensitive information is served up to a market of seedy individuals around the world ready to cash in on someone else’s identity.

Drata analyzed Department of Health and Human Services data to determine which states felt the largest impacts due to health care data breaches in 2022. The total number of individuals affected by all health care data breaches in each state reported to HHS was normalized as a rate per 10,000 people. Data was not available for Alaska, Idaho, and Washington D.C.

The HITECH Act, signed into federal law in 2009, requires companies to report the breach of protected health information affecting 500 or more people to HHS. Around 38.5 million people in total were affected in some way by the incidents reported to HHS last year. Unfortunately, the data does not make it possible to know how many people may have been affected by more than one breach.

Health care institutions are among the most targeted businesses in the world, chiefly because they hold such sensitive information about the patients they serve. Hospitals, home health agencies, and other institutions store patients’ phone numbers, Social Security numbers, addresses, and other things that would allow any would-be criminal to pose as a patient and open new credit cards or bank accounts in their name.

In fact, roughly 44% of all reported identity theft in 2022 resulted in a fraudulent credit card account being opened, according to Federal Trade Commission data. The agency received a record number of fraud reports in 2021, with the total fraud reports for 2022 coming in on par with 2020. The years 2020 and 2021 marked an important pivot in how consumers shared their personal information, with the adoption of digital banking and retail shopping driven to modern highs as a result of the COVID-19 pandemic.

In 2022, the FBI’s Internet Crime Complaint Center received millions of complaints of cybercrime with losses totaling $10.3 billion. It can take time—even years—for personal information compromised in a data breach to be used for a crime that brings the event to the attention of the FBI.

But the pandemic also drove a rise in cyberattacks on hospitals and other health care businesses. And a good deal of that sensitive information begins its journey into nefarious hands when a hacker illegally accesses information at a health care institution.


Click Here For The Original Story From This Source.

National Cyber Security