October Cybersecurity Report: 35 PHI Incidents, 776K Records Breached | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

October Cybersecurity Report: 35 PHI Incidents, 776K Records Breached

November 18, 2016
by Rajiv Leventhal
| Reprints

The number of reported healthcare data breaches is down for the second straight month, but October still did see 35 protected health information (PHI) security incidents, totaling 776,533 records breached, according to the latest Protenus Breach Barometer report.

The Protenus Breach Barometer is a monthly snapshot of reported or disclosed breaches impacting the healthcare industry, with data compiled and provided by DataBreaches.net. This month’s analysis showed 35 incidents either reported to the U.S. Department of Health and Human Service or first disclosed in media or other sources. Comparatively, in September, there were 37 of these incidents; August was the high month of the year with 42.  

According to the report, “It’s important to note that there are some incidents reported to HHS this month that are not included in October totals—this is because they were included in previous Breach Barometer reports. Information was available for 31 of these incidents, totaling 776,533 records breached. While the number of incidents per month is down compared to this summer, it’s still considerably higher than incidents reported in early 2016.”

Of the patient records breached in October, 40 percent (14 incidents) were hacking, malware, or ransomware incidents, affecting 664,549 patient records. The report did note that there were two known hacking incidents where the total number of patient records wasn’t available, meaning if data regarding these incidents were available, the total could be substantially higher. Of the fourteen incidents for which there are numbers for, four specifically involve ransomware and another two involve ransom/extortion (but not ransomware) as the source of the breach. Three entities reported that patient data was irretrievably lost due to ransomware (one report) or during recovery from ransomware (two reports). Two entities that reported data loss during ransomware recovery were clients of a business associate who also reported data loss as a result of the same ransomware incident.

The two hacking incidents with ransom demands both involved the criminal actor known as TheDarkOverLord, and since these incidents did not appear on HHS’ public breach tool, the report is going by TheDarkOverLord’s claims as to the number of records acquired in the hack. As TheDarkOverLord has done in the past, there were samples dumped from the two entities’ databases on public file-sharing sites to pressure them into paying the ransom demands.

Meanwhile, breaches resulting from insiders resulted in 37 percent of October breaches, five of which were accidental (four incidents affected 9,477 patient records) and 8 of which were insider wrongdoing (seven incidents affected 70,497 patient records).  For the 11 of the 13 insider incidents for which there are numbers for, 79,974 records were involved, according to the report’s data.

In October, 29 incidents involved healthcare providers (83 percent of reported entities), followed by two incidents that were reported by health plans, and three incidents reported by a business associate (BA) or vendor. Seven of the October incidents involved business associates or vendors, but there may be more, as it is not always clear from initial reports which type of entity reported the breach and which was responsible, the report stated.

The Breach Barometer reports regularly mention that there are some breach incidents that are not publically disclosed for months, or in some cases, several years. Of the incidents reported in October for which there is data, it took an average of 63 days from the time the breach has occurred to when HHS is notified, which is substantially less than the 151 average number days it took from breach to reporting for September breaches.

Finally, 19 states are included in the 35 total incidents. California had four incidents, which is the most reports of any state in October. There was one incident in which a location was not indicated.

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

WellStar Health System Partners with PatientPing for Care Coordination Technology

Marietta, Ga.-based WellStar Health System, the largest health system in Georgia is partnering with PatientPing, a Boston-based health technology company, to use its care coordination technology across the health system.

Senators Introduce Bill to Expand Rural Telehealth Services

U.S. Senators Roger Wicker (R-Miss.) and Brian Schatz (D-Hawaii) have introduced bipartisan legislation to expand access to rural telehealth services. The bill would allow non-rural hospitals serving rural areas to qualify for support from the Federal Communications Commission (FCC) Healthcare Connect Fund (HCF).

Healthcare Company CoPilot Settles Data Breach with $130K Payment

CoPilot Provider Support Services, a New York-based corporation that provides support services to the healthcare industry, has agreed to pay $130,000 in penalties as part of a settlement to resolve a 2015 data breach that that exposed 221,178 patient records.

Senate Republicans Release Draft of Health Care Bill

On Thursday, Senate Republican leaders, who have promised to repeal former President Barack Obama’s healthcare legislation for seven years, moved forward on that goal with the release of a draft of their plan to repeal and replace the Affordable Care Act, which they expect to vote on next week.

Vermont HIE Implements IT Solution for Improved Data Quality

Vermont Information Technology Leaders (VITL), the operator of the Vermont Health Information Exchange, has announced the implementation of a data managing and synthesizing platform in an effort to expand its IT capabilities.

Survey: 75 Percent of CIOs Concerned About Incomplete, Inaccurate Medication Data

Despite multidisciplinary efforts to improve medication reconciliation, hospital CIOs still report unsatisfactory results, with three out of four concerned that their organization’s medication history data is incomplete or inaccurate, according to a new survey conducted by the CHIME Foundation.