In the start of 2018, around 141 data breaches occurred. Out of this number, 29.1% of breaches were related to the pharma industry. As the year has progressed, this figure has slowly grown. A total of 2,949,997 files have been stolen or compromised.
Another thing that experts have noticed is that these hackers have a new favorite niche they want to break into the health and medical industries! These two industries are being targeted by hackers frequently. The data they have is more valuable on the dark web. Furthermore, this industry makes use of outdated modes of security which make hacking an even easier feat.
The following are some of the biggest data breaches which have occurred in the pharma and healthcare industry:
1. Blue Cross
In July 2018, officials discovered an employee error which exposed the personal data of around 16,762 patients. The error actually occurred in April but officials at Blue Cross were not aware of it until July. During this time, the personal details including names, diagnosis codes, information for claims. The breach occurred when an employee accidentally left a file on the publically accessible area of the website.
2. Fetal Diagnostic Institute of the Pacific – FDIP
In June 2018, the Fetal Diagnostic Institute of the Pacific in Hawaii was victim to a ransomware attack. While they were able to restore impacted data with a backup, the attack compromised the data of around 40,800 patients. While the FDIP does not store payment information and other financial details, the sensitive data which was exposed can still be used for identity fraud. The ransomware attack was linked to various others which are done with the SamSam virus. It has been particularly designed to target healthcare and pharmaceutical institutions.
3. Augusta University Medical Center
Hackers got access to the personal records of around 417,000 patients in two cyber attacks. These were targeted at the Augusta University Medical Center. Hackers got into the system by requesting passwords and usernames which gave them access to different email accounts. Once the attack was discovered, officials quickly disabled the impacted email accounts. However, there is cause for concern since the compromised data contained details such as insurance information, demographic details, medical records, medications and more.
Situated in North Carolina, LabCorp Diagnostics ranks among the largest clinical laboratories in the U.S. In July, the institute was forced to shut their networks when suspicious activity was detected. While an investigation is still being conducted to figure out what data was impacted, LabCorp has sensitive data of 115 million patients. Based on where the breach occurred, all this data could be at risk because of the hacker attack. Luckily, the activity was only detected on LabCorp servers and not on the Covance Drug Development area. In 2014, LabCorp bought the company for a total of $6.1 billion.
As hackers are developing more software, the risk that health and medical companies face cannot be emphasized enough. Employee error is a major contributing factor to data breaches as well. However, with weak security protocols, many hackers have been able to get into the files of medical institutions with ease.