Cybersecurity

22 million US health records breached thus far in 2022

Hackers can use personal healthcare information to target victims with fraudulent schemes related to their medical history. By GlobalData Healthcare

Cybersecurity is an important consideration for many industries, but the healthcare, pharma, and medical device sectors are particularly susceptible to cyberattacks. Personal healthcare information is highly valuable to hackers, and the medical industry is known to be slow to adopt new technology and update existing products to patch security vulnerabilities. GlobalData forecasts that spending on cybersecurity in the medical device sector will grow from $869 million to $1.2 billion between 2020 and 2025, at a Compound Annual Growth Rate (CAGR) of 7.3%—only accounting for about 11.3% of health cybersecurity spending and 0.6% of the forecast global security spending of $198 billion for 2025. Read more in GlobalData’s recent report, Cybersecurity in Healthcare 2022.


Hackers can use personal healthcare information to target victims with fraudulent schemes related to their medical history, create fake insurance claims to buy/sell medical equipment, or acquire illegal prescription medications for their own gain or for resale. Unlike credit card information or personal identification information, medical history cannot be changed, making it much more valuable on the black market. Over 41 million individuals in the US alone were affected by healthcare data breaches in 2021, according to reports of breaches affecting 500 individuals or more by the US Department of Health and Human Services (HHS) Office of Civil Rights. Thus far in 2022, cases affecting more than 22.5 million individuals in the US are under investigation, which is a 4.6% increase compared to the same time last year. The HHS reports the largest breach for 2022 so far was the network server breach at Shields Health Care Group, affecting as many as two million individuals and involving personal information, home and billing addresses, diagnoses, and other medical or treatment information.


Interconnectedness via the Internet of Things (IoT) is important to devices like insulin pumps, heart pacemakers, connected inhalers, and wearable trackers, as it helps improve diagnosis, reduces costs, and allow remote monitoring and consultation. As such, medical device companies and their business associates are increasingly responsible for large amounts of sensitive electronic patient data and, without securing all components of the cybersecurity value chain, these companies will remain a primary target for data breaches. For example, in mid-2021 over 61 million records related to Apple and Fitbit users’ wearables were exposed due to an unprotected third-party database.

10/21/2022 14:19:22
  • Home | Are metaverse applications becoming a reality in medical training?
  • In this issue
  • Contents
  • Formacoat Company Insight
  • Formacoat
  • Briefing
  • Industry news
  • The medical industry briefing
  • Alleima Company Insight
  • Alleima
  • Thermo Fisher Scientific Company Insight
  • Thermo Fisher Scientific
  • Mimotopes
  • Comment
  • 22 million US health records breached thus far in 2022
  • VR and AR are maturing as medical training tools, but what about mixed reality?
  • Augmented reality for orthopaedic surgery assistance
  • mdi Consultants
  • Sartorius
  • Watlow
  • Mecmesin Company Insight
  • Mecmesin
  • In Depth
  • Are metaverse applications becoming a reality in medical training?
  • Microneedle tech: 3D printing to the rescue
  • Why aren’t digital pills taking off?
  • Connected devices: a tsunami of clinical trial data
  • Apple Rubber
  • Accumold
  • Tricor Systems
  • In Data
  • Medical device companies best positioned to weather industry disruption
  • Medical industry found it easier to fill vacancies in Q2 2022
  • AI innovation in medical industry dropped in the three months ending June
  • Melexis
  • TS Quality & Engineering
  • Events
  • Next Issue