Recent data breach exposes millions of medical records

Electronic health records (EHR) has, in many ways, been an extremely positive development for the medical community and the general public. Digitally storing patient records has made it easier to ensure crucial patient records do not go missing and will be valuable for decades to come as this information will be instrumental in conducting research that leads to medical breakthroughs.

One drawback of the widespread adoption of EHR, however, is that sensitive information has become accessible to malicious actors. And those vulnerabilities were thrust into the spotlight recently when the Indiana-based EHR provider Medical Informatics Engineering was breached, resulting in the exposure of 3.9 million records. In addition to the medical information itself the types of information stolen included:

  • Names
  • Addresses
  • Birthdates
  • Social Security numbers

Unfortunately, the announcement of the Medical Informatics breach came right on the heels of a breach of UCLA’s network, an attack that may have affected as many as 4.5 million people. These recent incidents make clear that the health sector is the latest to attract serious attention from threat actors, following in the undesirable footsteps of retail, the U.S. government and even professional sports. So unfortunately, the healthcare sector may be victimized again in the near future.

While the total number of data breaches have skyrocketed in recent years, so too has the cost to organizations. In fact, the average cost of a breach has increased 23 percent over the past two years to $3.79 million, according to IBM and the Ponemon Institute’s 2015 recently released Cost of Data Breach Study. So for healthcare organizations—and businesses across all sectors—it quite literally pays to be prepared.

If you would like to see firsthand how an incident response platform can help your organization to avoid becoming the next to suffer a data breach, sign up for a demo today.

*** This is a Security Bloggers Network syndicated blog from Swimlane (en-US) authored by Cody Cornell. Read the original post at:

Avatar photo

Cody Cornell

Cody is responsible for the strategic direction of Swimlane and the development of our security orchestration, automation, and response (SOAR) platform. At Swimlane we advocate for the open exchange of security information and deep technology integration, that maximizes the value customers receive from their investments in security operations technology and people. Collaborating with industry-leading technology vendors, we work to identify opportunities to streamline and automate security activities saving customer operational costs and reducing risk.

cody-cornell has 132 posts and counting.See all posts by cody-cornell