You are here
2015 Could Be 'Year of the Health Care Hack,' Experts Warn
Security experts are warning health care and insurance companies that 2015 could be the “Year of the Health Care Hack,” as cybercriminals are increasingly attracted to personal information held by U.S. hospitals and insurers, according to a new report from Reuters.
Anthem Inc, the No. 2 U.S. health insurer, last week disclosed a massive breach of its database containing nearly 80 million records, prompting investigations by state and federal authorities. That hack followed a breach last year at hospital operator Community Health Systems, which compromised some 4.5 million records.
During the past decade, cybercriminals focused their efforts on attacking banks and retailers to steal financial data, including online banking credentials and payment card numbers, Reuters says. But as those companies boost security, using stolen credit card numbers has become more difficult. Their prices on criminal exchanges have also dropped, prompting hackers to turn to the less-secure medical sector, just as the amount of digital health care data is growing dramatically.
Stolen health care data can be used to fraudulently obtain medical services and prescriptions as well as to commit identity theft and other financial crimes, according to security experts. Criminals can also use stolen data to build more convincing profiles of users, boosting the success of scams.
The insurer UnitedHealth Group Inc has said that the costs to eliminate or address the threats could be significant and that remediation may not be successful, resulting in lost customers.
Aetna Inc has cited automated attempts to gain access to public-facing networks, denial-of-service attacks that seek to disrupt websites, attempted virus infections, phishing, and efforts to infect websites with malicious content.
Source: Reuters; February 12, 2015.