Posted in Breaches

Hacking attacks against providers soared in 2016

Chris Nerney
Chris Nerney, Contributing Writer |
Hacking attacks against providers soared in 2016

Hacking attacks on healthcare providers skyrocketed in 2016, according to an analysis by consulting firm CynergisTek.

The company’s seventh annual breach report concludes there were 325 large breaches of protected heath information (PHI) in 2016 impacting 16.6 million patient health records.

A total of 96 healthcare providers reported PHI breaches of greater than 500 records due to hacking/IT incidents in 2016, an increase of 320 percent over the 30 incidents reported in the previous year. The total number of health records breached in hacking attacks at providers soared to 9.5 million last year, an increase of 181 percent from 2015.

The largest attack in 2016 was against Banner Health in Arizona, in which 3.6 million patient records were breached, CynergisTek said. Four other attacks on providers each resulted in breaches of more than a half-million patient records.

“While these larger breaches are striking due to the number of patient records compromised, it is equally notable that most of the hacking attacks/IT incidents reported in 2016 occurred at ambulatory clinics,” the report said. “It may be that these are ‘easy targets’ since many small practices lack the necessary IT security resources and expertise to implement effective security protections.”

CynergisTek Vice President Dan Berger urged providers to intensify data protection measures.

“Healthcare providers have become the primary targets of malicious hackers, and their attacks are becoming increasingly sophisticated and disruptive to operations,” Berger said. “The dramatic increase in hacking attacks in 2016, coupled with the large number of patient records compromised in those incidents, points to a pressing need for providers to take a much more proactive and comprehensive approach to protecting their information assets in 2017 and beyond.”