Here’s a Reality Check – examples of cyberattacks on healthcare providers!
Let’s dive into some real-life examples of healthcare companies that have suffered significant losses due to cyberattacks.
Cyberattack settlement takes a toll on US-based healthcare company
Anthem, a US healthcare company reported in 2015 that unauthorized access was made to the personal information of up to 78.8 million current and former patients dating back to 2004. The breach was discovered by a database administrator who noticed his credentials were being used without his knowledge and 13.5 million records containing personal information were stolen. Anthem paid $39.5 million as part of a settlement with US states attorneys general following an investigation into the cyberattack.
Healthcare company suffers major losses due to third-party vulnerabilities
Community Health Systems (CHS) reported a data breach affecting approximately one million individuals after a third-party vulnerability in Fortra’s GoAnywhere managed file transfer solution. CHS operates 79 hospitals across 16 US states and had contracted with Fortra for cybersecurity services. The incident led to the unauthorized disclosure of the company’s data, protected health information (PHI). CHS ended up paying a $2.3 million settlement in 2020 to the Office for Civil Rights over potential HIPAA violations.
Major hacking-attack suffered by Premera Blue Cross
Health insurer Premera Blue Cross reported a hacking attack in which the information database of over 11 million customers (about twice the population of Arizona) was broken into. The stolen medical records could be used for blackmail and insurance fraud. Premera Blue Cross agreed to pay $6.85 million to settle potential HIPAA violations and implement a corrective action plan.