A Whopping Rise in Healthcare Cyber Incidents

The numbers speak for themselves

• As of August 13, 2020, the Department of Health and Human Services' HIPAA Breach Reporting Tool has recorded 302 major healthcare breaches impacting nearly 8.7 million individuals.
• Magellan Health, one of the Fortune 500 companies, was struck by a ransomware attack in April 2020. In mid-August, Magellan Health confirmed that about 1.7 million individuals have been affected so far by the April cyberattack.

Healthcare sector allures more

• So far, in August, many healthcare organizations like Illinois healthcare system FHN, Premier Health Partners, MedEvolve, Ashley County Medical Center, Nova Scotia Health, Aberdeen Hospital, Valley Regional Healthcare, and Hampshire Hospitals NHS Foundation Trust have suffered data breaches and unauthorized access incidents.
• In July 2020, National Cardiovascular Partners, Quantum imaging, Heartland Counseling Services Inc., and Hapvida became victims of cyberattacks and data breaches.

Threat actors in the field

• APT29 group had attempted to steal coronavirus related research and intellectual property from healthcare research organizations, universities, researchers, etc. to steal coronavirus related research secrets between May and July.
• Several other malware and threat actors including FritzFrog, Bazar Backdoor, Hakbit, Evil Corp, etc. were found targeting the healthcare sector (along with some other targeted sectors).
• Ransomware like Netwalker (Center for Fertility and Gynecology, Lorien Health Services), Maze ransomware (Regis Healthcare), etc. also created havoc among healthcare organizations. 
• Beaumont Health witnessed a phishing attack, when some email accounts have had unauthorized access between January 3, 2020, and January 29, 2020.

Conclusion