Report: 81% of Health Care Companies Say They Have Been Compromised

Sept. 8, 2015

Report: 81% of Health Care Companies Say They Have Been Compromised High-profile cyberattacks affecting major health organizations began to garner headlines in the past year, but the breaches covered in the media were only the tip of the iceberg for the health care industry, according to a new report from KPMG. Eighty-one percent of health care executives in a recent poll admitted their companies have been compromised in the past two years. With fraud schemes like account takeover and account creation increasingly being used in e-commerce environments to monetize stolen data, hackers are no longer targeting only retailers, processors and banks for payment card information. They are using the personally identifiable information found in the systems of other large organizations like health insurers and hospitals to cash in.

And, going forward, the attacks only figure to increase, the survey found. Thirteen percent of those polled said they are targeted by external hack attempts daily while an additional 12 percent said they experience two or more attacks per week. Sixteen percent said they cannot detect compromises in real time.

“The vulnerability of patient data at the nation’s health plans and approximately 5,000 hospitals is on the rise and health care executives are struggling to safeguard patient records,” said Michael Ebert, leader in KPMG’s Healthcare & Life Sciences Cyber Practice. “Patient records are far more valuable than credit card information for people who plan to commit fraud, since the personal information cannot be easily changed. A key goal for execs is to advance their institutions’ protection to create hurdles for hackers.”