Please listen to the article
This audio is automatically generated. Please let us know if you have any feedback.
Diving briefs:
Data breaches were hit by more healthcare sectors last year than in other industries, according to a report released this week by financial and risk advisory firm Kroll. In 2024, the healthcare industry accounted for 23% of data breaches processed by advisory, compared to just 18% in 2023. Last year, the sector was hit by cyberattacks last year, including a major incident in claims processor changecare. “Pretty immature” incident response practices write in the report Denyl Green, the global head of Kroll's violation notification.
Dive Insights:
Analysis shows that the healthcare and finance sectors have alternated the top two most violated sectors in recent years.
Last year, healthcare returned to top position. The customer seemed quite concerned about the safety of the information. For example, this sector is ranked the highest in the number of consumers who have begun using credit and identity monitoring after a data breaches.
45% of these services were stimulated as a result of healthcare organizations involved in the breaches, but 25% of the technology industry and 20% of the financial sector. It could be due to the highly publicized nature of many healthcare violations. According to Kroll, the costs for businesses or insurance companies that may pay for these services could be higher.
Furthermore, the analysis has shown that the second highest number of calls to Kroll regarding data breaches was related to data breaches.
Healthcare was the most infringed industry in 2024
Percentage of data breaches from 2022 to 2024 by industry
Healthcare has become a major goal for cybercriminals given the high stakes in care delivery and the value of sensitive health data. Still, according to a Kroll report published last spring, the industry is less prepared than other industries and has fewer advanced security features.
In 2024, the sector survived several well-known cyberattacks, including ransomware attacks on changes that over the course of weeks that significantly interrupted payments to providers and other major operational tasks. Last month, the UnitedHealth-owned company said the attack could have undermined data for around 190 million people, the largest medical violation ever reported to federal regulators.
