Over the last few years, particularly since the start of the pandemic, malicious threat actors have increasingly targeted the healthcare sector. The sector is often lucrative for cybercriminals, as sensitive medical data can fetch a high price on the Dark Web.
In an incident not related to COVID-19, Kaiser Permanente, one of America's largest healthcare providers, disclosed a data breach affecting the protected health information (PHI) of more than 69,000 individuals.
The company described what happened in a recent statement:
"On April 5, 2022, Kaiser Permanente discovered that an unauthorized party gained access to an employee's emails. We terminated the unauthorized access within hours after it began and promptly commenced an investigation to determine the scope of the incident.
We have determined that protected health information was contained in the emails and, while we have no indication that the information was accessed by the unauthorized party, we are unable to completely rule out the possibility."
The information involved in this incident includes:
• First and last name
• Medical record number
• Dates of service
• Lab test result information
Kaiser added that it does not believe there was any evidence of identity theft or misuse of PHI as a result of this incident.
But why do we keep seeing these data breaches from large organizations?
There are myriad reasons why a data breach could occur, but it often comes down to simple cyber hygiene from employees. This is something that keynote speakers touched on at the recent RSA Conference.
Several people mentioned that improving cybersecurity as a whole comes down to the easy things that you hear over and over again: implement multi-factor authentication (MFA), update your software to its latest version, train your end users to avoid phishing scams and to be careful what they click on, and so on.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) also has a ton of useful information on its homepage that can help you improve your cyber protocols.
Do you have thoughts on how we should be approaching cybersecurity? What is your organization doing that might be useful to others? Come discuss this and anything else cyber-related at an upcoming SecureWorld Conference.