The ransomware attack against Change Healthcare in February, which exposed more than 100 million records and caused widespread disruption to the U.S. healthcare system, was the largest in the first half of this year, according to a recent report from Kiteworks. It was a major data breach.
The attack, in which affiliates of the ransomware group BlackCat/ALPHV stole 4TB of data, reiterates that health systems in the United States and other regions continue to be a top target for ransomware and other threat groups, the company said. It is said that it was embossed. specializes in secure email communications and raised $456 million last month, raising its valuation to $1 billion.
In fact, five of the top 11 data breaches listed in Kiteworks' Top 11 Data Breach Report for the First Half of 2024 ranged from Change, Inc., a subsidiary of UnitedHealth Group, to Kaiser Permanente, Inc., a healthcare consortium. Until now, it was in the healthcare industry. British blood test management company Synovis and Australian prescription delivery service MediSecure.
Other industries included in the list include telecommunications and financial services. Others involve infringement by third parties.
This ranking is based on Kiteworks' new Risk Exposure Index. When assessing the severity of an attack, this index calculates not only the number of records exposed and the financial impact, but also factors such as the sensitivity of the exposed data and the number of regulations affected. . Use of ransomware by attackers.
“Our findings revealed several alarming trends, from the increasing prevalence of ransomware attacks to vulnerabilities related to third-party interactions and internal errors,” said Kite. Patrick E. Spencer, Werks vice president of corporate marketing and research, said in the report, adding: This is aimed at managing the communication of sensitive content across all sectors, especially as organizations increasingly rely on multiple communication tools and third-party services, which can create numerous points of entry for cyber threats. “It emphasizes the extreme importance of this.”
It's no surprise that many of the people on Kiteworks' list were medical professionals. Over the past few years, this industry has ranked among the top industries targeted by malicious attackers. Cybersecurity firm Sophos said in a report late last month that the rate of ransomware attacks against these facilities has reached its highest rate in four years, with 67% of organizations surveyed saying they have been affected by ransomware this year. He pointed out that this is an increase from 60% in 2023.
According to Kiteworks, the Change attack was associated with the most severe incident, the National Public Data data breach, both receiving a rating of 9.46 out of 10.
The list of medical violations includes:
1. Change (9.46): The company processes hospital and clinic payments, medical bills and insurance claims, and prescription orders, so when its systems are shut down after a ransomware attack, patients are unable to receive treatment. This loss of coverage has sent ripples throughout the U.S. medical industry. Even if you get a prescription from a medical institution, you cannot receive payment. Federal agencies and Congress were also involved, with lawmakers pushing for minimum cybersecurity standards for health care providers and related organizations.
2. Synnovis (9.11 rating): In June, a ransomware attack by the Qilin ransomware group against a UK pathology laboratory resulted in medical procedures being postponed and patients being diverted to other facilities. Kiteworks announced that approximately 300 million records were compromised, with an economic impact of $53.7 billion.
3. Kaiser (7.6): Kaiser Permanente began warning members in April about a data breach that exposed 13.4 million records, including sensitive information such as customer names and IP addresses. The company says this information was sent to third-party vendors including Microsoft Bing, Google, and X (formerly Twitter). Kiteworks estimates the financial impact to be approximately $2.4 billion.
4. Medi-Secure (7.56): The data of 12.9 million Australians who used the prescription delivery service was stolen by hackers in a ransomware attack in July. Sensitive data included the user's name, contact information, medical history, and prescriptions. The financial impact, including ransom payments and legal costs, was more than $2.3 million, according to Kiteworks, which introduced a revamped MSP/MSSP program last month.
5. Cenkora (6.23): Pharmaceutical companies suffered a cyberattack in February that exposed more than 1 million records obtained by the Fortune 50 company through its partnerships with drug manufacturers such as Bayer and Pfizer. The records contained personally identifiable information (PII) and protected health information, the majority of which was managed by the Patient Support Services subsidiary. According to Kiteworks' research, the financial impact of this breach was $179 million, including regulatory fines, legal fees, and costs for security improvements and individual notification.
Other top data breaches involved telecommunications companies and businesses that handle sensitive data.
6. National Public Data (9.46): The company collects PII data from a wide range of publicly available sources and sells it to businesses for use cases such as background checks and mobile apps. A data breach in April exposed 2.9 billion records belonging to 1.3 million people. The information ranged from names and email addresses to social security numbers and phone numbers. According to Kiteworks, the economic impact was more than $501 billion.
7. AT&T (9.37): The giant wireless carrier suffered two breaches that exposed more than 110 million records. In one case, AT&T agreed to pay a $13 million fine related to violations of a third-party vendor. The second attack occurred similarly. This was due to a high-profile breach of data cloud giant Snowflake. The Snowflake breach also hit Ticketmaster, which also made it to Kiteworks' Top 11 list with an exposure of 8.79.
8. U.S. Postal Service (7.31): The government agency reportedly shared online customers' addresses with vendors such as Meta, LinkedIn, and Snap. Kiteworks said 62 million records were leaked and the incident “demonstrates the vulnerability of government agencies that manage public data.”
9. Evolve Bank (6.83): The banking-as-a-service company announced in May that it suffered a ransomware attack that compromised the sensitive information of 7.6 million customers. According to Kiteworks, the prominent LockBit group is behind this attack, which is expected to have a financial impact of more than $1.3 billion.
10. InfoSys McCamish Systems (6.23): IT service management companies were also victims of LockBit. Earlier this year, the company disclosed a ransomware attack that occurred at the end of 2023 and compromised approximately 6.1 million records.