| Individuals February 16, 2018

February 16, 2018

Over 3.6 million hacked in January healthcare breaches

By Lookout


In January, we saw a significant uptick in malicious activity from this same time last year. Throughout the month, we recorded twice as many breaches - compromising the personal information of over 7.3 million individuals worldwide. That's an increase of over million people affected compared to last January. Of significance, the Department of Homeland Security suffered data leakage that compromised the records of over 240,000 current and former employees.

It may be a new year, but it's business as usual for today's cyber criminals

Similar to last year, healthcare organizations continue to be a prime target. As you can imagine, criminals are keen to get their hands on the rich information held by healthcare organizations, from medical records to billing information and everything in between. In 2017, hackers used malware, ransomware, and phishing schemes to penetrate dozens of healthcare organizations. In addition to hackers, insiders - employees - were also responsible for compromising or exposing sensitive information, either accidentally or with malicious intent.

January 2018 data breaches by the numbers

If the first month of 2018 is any indication, this trend shows no immediate sign of changing. For example, take a look at just a few of the incidents:

  • The Agency for Healthcare Administration reported that 30,000 Medicaid recipients had their medical records and personal information breached in a phishing scam.
  • SSM Health recently alerted 29,000 patients that a former call center employee accessed medical records for unspecified illegal use.
  • Oklahoma State University disclosed that the billing information for 280,000 Medicaid patients was accessed in a breach.

That's just three of the eight significant healthcare breaches we catalogued in January; breaches that exposed sensitive data including names, email addresses, phone numbers, health and financial information, and social security numbers.

The data breach problem is bigger than the U.S.

While the threats facing the healthcare industry continue to impact organizations in the U.S, January showed us the problem remains international. In the past month, Norway's leading health authority, Health South-Seat RHF reported that the patient data of nearly three million individuals may have been compromised in a breach. In Malaysia, Derma Organ announced that the personal information of 220,000 Malaysian organ donors and their families had been leaked online.

In total, breaches within the healthcare industry were responsible for exposing the personal information of nearly 3.7 million individuals worldwide in January alone.

What can you do to remain vigilant?

As we saw in 2017, consumers cannot always rely upon breached organizations to offer timely and comprehensive information about their breaches. Keeping yourself informed and up to date is critical. For extra added protection, consider upgrading to Lookout Premium. You'll be alerted anytime a service or app you use is breached, gain valuable theft protection, and get actionable advice on what you can do to protect your data and identity in real time. Click here to learn more about the benefits of Lookout Premium.