"Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims"

Critical Insight has recently unveiled its 2023 H1 Healthcare Data Breach Report, offering insights into the cybersecurity landscape of the healthcare sector.  The researchers analyzed data breaches from healthcare organizations to the US Department of Health and Human Services (HHS).  The researchers noted that there was an overall decrease of 15% in total breaches during the first half of 2023 compared to the latter half of 2022.  The researchers stated that this suggests a potential downturn in breaches for the entire year, making 2023 the lowest breach count since 2019.  However, the decline in breaches was counterbalanced by a significant 31% increase in the number of individuals affected by data breaches during H1 2023 compared to H2 2022.  The researchers stated that this surge resulted in 40 million individuals being impacted within six months, equivalent to 74% of the total affected in 2022.  Primary breach causes remain centered around hacking and IT incidents, contributing to 73% of breaches in H1 2023.  Unauthorized access and disclosure followed as the second most prevalent type.  Breaches due to theft, loss of records, and improper disposal remained relatively minimal.  The researchers also saw a shift in hacker tactics toward exploiting network server vulnerabilities, responsible for 97% of the compromised individual records.  In contrast, breaches stemming from email vulnerabilities constituted only 2%.  Another noteworthy finding is the increased targeting of third-party business associates.  Breaches involving business associates surpassed those impacting healthcare providers and health plans.  Around 48% of compromised records were linked to business associates, compared to 43% associated with healthcare providers.  Notably, 50% of individuals affected by breaches during H1 2023 were connected to a business associate.

Infosecurity reports: "Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims"