Healthcare continues to be a prime target for hackers and cybercriminals in 2018 and they will likely only get more creative despite better awareness and heightened security protocols among organizations who are prioritizing data and information security more than ever.
And while the healthcare industry is often targeted due to the vast amount of personal data it stores, it’s not the only industry vulnerable to a security breach. No matter the industry you’re in, whether it’s healthcare, insurance, legal, or financial, any time you possess confidential employee and customer data, you are at risk.
This collection highlights some of the biggest breaches – and points out some mistakes to avoid in the future.
1. Employee error exposed data of 16,000 Blue Cross patients online for 3 months
An employee uploaded a file containing member information to a public-facing website in April, but officials did not discover the error until July. The breach serves as a reminder for organizations to have proper access controls and network monitoring in place to either prevent these types of errors or to quickly detect improperly uploaded data.
2. 205,000 patient records exposed on misconfigured FTP server
Arkansas-based MedEvolve misconfigured its FTP server and exposed the data of 205,000 patients from two separate providers. MedEvolve’s leak is not unique to the vendor, as misconfigured databases continue to plague the healthcare sector. About 70 to 99 percent of these cases are caused by internal misconfiguration. The issue could be avoided by better internal policies of the organization’s IT infrastructure.
3. 1.4 million patient records breached in UnityPoint Health phishing attack
This is the second breach for the health system this year, and the biggest health data breach of 2018 in the U.S. According to the notice, the health system’s business email system was subjected to a series of targeted phishing emails that looked like they were sent from an executive within the company. An employee fell victim to the emails and opened them, which gave hackers access to internal email accounts from March until April.
Securing Confidential Records and Data
Record Storage Systems
Record Storage Systems specializes in lifecycle document management services that address your document storage, scanning, electronic document management, and shredding needs. As your business changes, your document management needs evolve. We offer reliable solutions that enable you to manage and access your documents and electronic records securely and easily.