Hidden Healthcare Hacks
The rising problem of Cyber Crime in the Healthcare sector
Digital technology has become essential in almost all of our lives, making it hard to imagine a life without its convenience. As we become more reliant on technology, the importance of cybersecurity becomes increasingly apparent.
However, many people do not fully grasp the seriousness of this topic, often overlooking alarming statistics which are emerging. While we focus on securing things like financial information, social media accounts and emails, another crucial aspect is ignored — our health data.
What is a data breach?
When an unauthorised person obtains private information, usually via hacking, phishing or other methods of cyberattack, it is referred to as a data breach. These breaches can result in the exposure, theft, or misuse of sensitive data, including personal details, financial information, and increasingly health records.
In the context of healthcare data breaches can involve patient records, genetic information and other private medical data, putting individuals at risk of identity theft, financial loss and privacy violations.
Why is this a problem?
You might imagine these scenarios as far-fetched plots from Hollywood movies, like Identity Thief. However, the threat is very real. Instead of a comedic actress such as Melissa McCarthy targeting your finances, it is malicious cybercriminals who are behind these attacks, posing serious risks to both you and many others around the world.
The stakes are especially high in healthcare. Unlike financial information, which can be changed (like cancelling a credit card), health data is permanent and incredibly sensitive.
Consider the consequences if every detail about your health, from your blood type to your genetic makeup, were exposed. The impact could be severe and far-reaching, and often beyond what you could imagine.
Particularly, your genomic data could be exploited in various ways; from being synthesised and planted at crime scenes, denial of health insurance because of predispositions to disease or being let go from a job because of disease history.
While the digital transformation in healthcare has made patient record management faster and more efficient, it has also introduced significant risks related to privacy and data security.
It’s clear that we need to prioritise the protection of this sensitive data more seriously. Unfortunately, despite the urgency, the response to these risks has often been insufficient.
2023 — the year of healthcare hacks
Breaking a record is typically seen as a positive achievement, but in this case, it’s anything but.
Unfortunately, 2023 set a new and troubling record, becoming the year with the highest number of large security breaches in healthcare. A report released by HIPAA showed the total number of breaches rose to 725, surpassing the previous year’s already alarming figure of 720.
There has been an upward trend since 2009, excluding the year 2015, showing a rise in these types of hacks.
The amount of hacks is a scary number, but this is further emphasised by there being an average of 373,788 individuals affected by these types of hacks daily, resulting in 133 million in the year.
You can read more about the year’s statistics and the biggest hacks that contributed to these record numbers released by HIPAA here.
Future of data security
We are now well into 2024, and surely, we have learned from the previous year to better manage these breaches, right?
If you thought that was the case, I’m afraid you are as naive as those responsible for protecting the data. Despite the ongoing threats, the response to these breaches remains frustratingly insufficient.
A report for the first half of 2024 released by HIPAA shows that although this year has had some improvement in the number of records breached, the frequency of breaches has increased. Notably, the breach at Change Healthcare might be the largest yet, with unofficial estimates suggesting it could have impacted one in three Americans.
Additionally, in the UK, the National Health Service (NHS) faced a serious breach when Synnovis, the organisation responsible for handling blood tests for the NHS, had its security compromised. A Russian group known as ‘Qilin’ managed to steal approximately 400GB of patient data, which was later posted on a dark web site. This hack affected nearly 83,000 individuals. However, the impact went beyond data theft — it also disrupted essential services, including ambulance dispatches, the NHS 111 helpline, and access to patient records.
These examples, along with many others, highlight the urgent need for increased awareness and stronger security measures. At Genomes.io, our mission is to ensure that your genetic data remains secure and accessible only by you, so you can have peace of mind knowing that your data is safe.
What can I do if I am a victim of a data breach?
If the company responsible for your data has experienced a data breach, they must report it to the supervisory authority within 72 hours of when they became aware. You should also be informed if the breach poses any significant risk to your data.
But what can you do about it once it has already happened?
Here are five essential steps you can take:
Check Your Accounts:
- Review all your accounts, even those you haven’t accessed in a while. These accounts might still contain sensitive information that could be at risk. Take action to secure them by updating passwords, enabling two-factor authentication, and removing any unnecessary data.
Assess the Damage:
- Evaluate the extent of the breach and decide on the necessary steps. This might involve closing compromised accounts or increasing security measures on others.
Backup Your Data:
- Ensure you have secure backups of all important data. Don’t rely on just one source for storage.
Raise Awareness:
- Do not stay silent about the breach. Inform others who might be affected and share your experience. By making noise, you help others take timely action to protect themselves, and contribute to a broader awareness of the risks.
Educate Yourself on Cybersecurity:
- Invest time in learning about cybersecurity practices. Understanding how to protect your data and recognising potential threats can help you prevent future breaches and respond more effectively if they occur.
You can listen to our X (formerly Twitter) space for more detail on these steps.
As always, feel free to connect with us via info@genomes.io should you have any further questions on the topic discussed, we are happy to help where we can!