The Number of Patient Records Exposed in Data Breaches Doubled in 2023

According to a new report from cybersecurity firm Fortified Health Security, 116 million records were compromised across 655 breaches. In 2023, the number of patient records exposed in data breaches doubled in comparison to 2022, despite the number of breaches declining slightly. This is likely due to an increase in the number of large data breaches, where 16 breaches exposed more than two million patient records each. Based on the metrics collected, many of these breaches stemmed from malware, ransomware, and phishing attacks, which together made up 80% of reported breaches in 2023.

Security Officer Comments:
Healthcare providers continue to be a target for cybercriminals as they contain a treasure trove of sensitive data that can be held for ransom. With an increase in patient data being exposed last year, actors are making efforts to steal as much patient data after gaining initial access to healthcare organizations’ networks. With employees of these organizations commonly falling for lures and being an initial entry point for attacks, it’s imperative that organizations train their employees on the dangers of phishing and other threats and how to effectively detect malicious emails that come from unknown senders. Holding regular table top exercises can be an effective way of increasing employee awareness and deterring potential attacks.