This statistic is truly staggering. <\/p>\n
It suggests that, even with some individuals having their personal healthcare records stolen from multiple databases, that perhaps more than a third of the U.S. population had their healthcare records breached in 2023 alone. <\/p>\n
We expect that our healthcare institutions will continue to be subjected to unyielding attacks from organized crime groups and nation-states. These opponents are intent on extorting money through ransomware and exploiting a growing variety of malware, phishing, and social engineering strategies. We don\u2019t anticipate this trend to reverse anytime soon.”<\/p>\n
Anthony James The responsible healthcare organizations within the United States (covered entities) report data breaches under the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Breach Notification Rule (CFR 164.400-414), which requires HIPAA-covered healthcare entities and business associates to provide notification following a breach of unsecured protected health information (PHI).\u00a0<\/p>\n Our research documents statistics about these data breaches specifically categorized as Hacking\/IT (cyberattacks) and we refer to them as major data breaches. These major breaches are found and extracted from within the U.S. Department of Health & Human Services Office of Civil Rights (HHS\/OCR) database. HHS\/OCR does not release the data on data breaches caused by Hacking\/IT where fewer than 500 patient records are compromised.<\/p>\n The healthcare industry has embarked on a significant digital transformation journey in recent years, driven by the promise of cost reduction, improved patient outcomes, and enhanced care delivery. While these efforts unlock considerable financial and technological advantages, they also inadvertently expand the attack surface for malicious actors.<\/p>\n Cybercriminals see the healthcare sector as a lucrative target, drawn by its vast size, reliance on technology, treasure trove of sensitive data, and critical vulnerability to disruptions. Protecting these organizations demands a robust defense-in-depth approach, layering multiple security controls \u2013 physical, technical, and administrative \u2013 to create overlapping shields against digital assaults.<\/p>\n Finally, in this report we share and highlight the importance of DNS detection and response (DNSDR) to a robust defense-in-depth strategy. <\/p>\n Please download your copy of The 2024 Healthcare Cyber Trend Research Report<\/a><\/p>\n For more information about our products please go to our sales team via https:\/\/www.infoblox.com\/company\/contact\/<\/a>.<\/p>\n
\nVice President, Product & Solutions Marketing
\nInfoblox<\/strong>\n<\/td>\n<\/tr>\n<\/table>\n![](\"\/wp-content\/uploads\/us-healthcare-records-breached-due-to-cyberattack-vs-us-population.png\")
<\/p>\nHealthcare on the Frontlines: Evolving Defense-in-Depth to Combat Cyber Threats<\/h3>\n
![](\"\/wp-content\/uploads\/dns-detection-and-response-key-capabilities.png\"\/)
\u00a0<\/p>\n