Will 2015 Be "The Year of the Healthcare Hack"?
This incredible interactive graphic depicts the world's biggest data breaches by year. It shows selected losses involving greater than 30,000 records. You can expand any incident bubble to get more information, or filter by year, by method of leak, by data sensitivity and more. It's boggling. Are you selling cyber liability insurance yet?
In the past, cyber criminals targeted banks and retailers but security experts warn that 2015 could be the Year of the Healthcare Hack. Financial institutions and retailers have shored up their defenses, while healthcare remains a relatively soft target. And the data offers a promising yield:
"Stolen healthcare data can be used to fraudulently obtain medical services and prescriptions as well as to commit identity theft and other financial crimes, according to security experts. Criminals can also use stolen data to build more convincing profiles of users, boosting the success of scams."
See 5 Things an Identity Thief Can Do With Your Social Security Number. A news item on NPR after the Anthem hack discusses The Black Market For Stolen Health Care Data, explaining more about why the data is so valuable:
"The dealer is selling a value pack that includes 10 people's Medicare numbers – only it's not cheap. It costs 22 bitcoin — about $4,700 according to today's exchange rate.
Security experts say health data is showing up in the black market more and more. While prices vary, this data is more expensive than stolen credit card numbers which, they say, typically go for a few quarters or dollars.
Health fraud is more complex. Records that contain your Social Security number or mother's maiden name are used for identity theft. Virgin predicts hackers could be using them for corporate extortion."
Meanwhile, as we wait to see the full scope of the damage in the wake of the Anthem breach, here are some resources that might be helpful:
Latest Update on Anthem Data Breach, with recommendations for employers and other plan administrators from the law firm Polsinelli.
Anthem Data Breach: How to protect yourself - ESI EAP offers resources and tips for consumers who may have been affected.