by Jon Sternstein | Jun 28, 2022 | Publications, Research
In its first annual healthcare data breach report, Stern Security has critically analyzed over 4,000 data breaches since the Department of Health and Human Services began tracking the information in 2009. Stern Security utilized data from their HealthcareBreaches.com website as well as published information from Health and Human Services to create this comprehensive report.
This report shows thought-provoking insights into healthcare breach trends over the past 12 years. It covers everything from the number of breaches attributed to ransomware to third-party (business associate) breaches. More healthcare breaches occurred in 2021 than any other year and this report illustrates the detailed analysis.
If you enjoyed the report and want to stay in the loop, please join our mailing list:
by Kyle Malicoate | Oct 5, 2021 | Education
Phishing attacks can happen to anyone whether you’re a CEO, financial analyst, nurse, janitor, IT specialist, or receptionist. In the 2020 Internet Crime Report, the FBI revealed phishing was the top reported cybercrime, consisting of 241,342 reported incidents. This number has more than doubled since 2019. Phishing attacks often consist of an email that is “URGENT”, includes links, or requires you to download an attachment. In the United States, 74% of organizations experienced a successful phishing attack, causing over $54 million in damages. Phishing is no longer simply a means of stealing credentials, rather hackers are creating more sophisticated phishing attacks to cause greater damage. A 2020 study that polled over 1,000 MSPs showed that phishing is also the leading cause of ransomware attacks organizations, which is why it is more important than ever to be vigilant.
Since one wrong click can lead to a compromised organization, Stern Security has prepared four tips to help identify and protect against a phishing attack.
Tips
- Be Skeptical – It May be a Scam
- Is the email asking you to log into a site or reset your password?
- Is there a sense of urgency in the email?
- Did you “win” something?
- Links and Attachments – Do not click links or open attachments that you are not expecting.
- When in doubt, Call – Call your service desk or security team if you are suspicious of an email. You can also call the sender if you know them to see if they really sent it. Don’t call the number in the email as this could be a spoofed or fake number.
- Report It – Did you catch a phish? Great work! Now report it to your security team because others may have received the same email.
References
https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf
https://www.statista.com/chart/25247/most-common-causes-of-ransomware-attacks
https://www.datto.com/resource-downloads/Datto-State-of-the-Channel-Ransomware-Report-v2-1.pdf
