2016 Data Breaches Have Exposed 4.6 Million Records

[Batu69]

The latest count from the Identity Theft Resource Center (ITRC) reports that there has been a total of 177 data breaches recorded through March 22, 2016, and that more than 4.6 million records have been exposed since the beginning of the year. The total number of records increased by 22 compared with the prior week.

 

Another hospital, this time in Kentucky, has been attacked and patient records are being held for ransom. To recover data that has been encrypted before being deleted, the hackers are seeking four bitcoins (about $1,600) at current exchange rates. A similar ransomware attack cost a California hospital $17,000 to purchase the key to decrypt the files and recover the data.

 

The total number of breaches in 2015 came in at 781, just two shy of the record 783 breaches that ITRC tracked in 2014. The 177 data breaches reported so far for 2016 is nearly 6% higher than the number reported for the same period last year. A total of more than 169 million records were exposed in 2015.

 

Here’s a rundown of the ITRC report for last week:

• The business sector accounts for the largest number of the total breaches so far this year, with more than 365,000 exposed records in 82 incidents. That represents 46.3% of the incidents and 7.9% of the exposed records.
• The medical/health care sector has posted 35.6% (63) data breaches to date this year. The number of records exposed in these breaches totaled more than 3.82 million, or about 83% of the total so far in 2016.
• The number of banking/credit/financial breaches totals four for the year to date and involves more than 4,000 records, some 2.3% of the total number of breaches and 0.1% of the records exposed.
• The government/military sector has suffered eight data breaches so far this year, representing about 2.2% of the total number of records exposed and 4.5% of the incidents. More than 102,000 records have been compromised in the government/military sector to date.
• The educational sector has seen 20 data breaches in 2016. The sector accounts for 11.3% of all breaches for the year and more than 307,000 exposed records, about 7% of the total so far this year.

Since beginning to track data breaches in 2005, ITRC had counted 5,810 breaches through December 2015, involving nearly 848 million records.

 

Article source

[straycat19]

Hospitals have always been an easy target and still are.  Their IT department is usually understaffed and under trained and lack experience.  The pay is terrible and qualified personnel usually don't stay long, just getting another line on their resume under experience in order to obtain a better position.  My brother-in-law was recently in the hospital and in each room was a mini workstation mounted on the wall with a monitor, keyboard and mouse and all the cables exposed.  It was no problem to unplug the ethernet cable and plug it into a laptop and gain access to their system during visits.  The nurse even logged into the system once while I was there and then walked out of the room for a couple minutes, plenty of time to plug a forensic key into the system and capture the login data.  Their security is so terrible I am surprised that more of them haven't been hacked.