A recent study published in the Annals of Internal Medicine has taken a look at cybersecurity breaches at medical facilities, to better understand the types of data stolen during an attack. Looking at 1,461 breaches that occurred between October 21, 2009, and July 1, 2019, the study looked to break down the stolen data into three major categories: financial, demographic, and personal.
While there’s constant concern about hackers stealing private medical information, Xuefeng Jiang, lead author for the study, noted the theft of sensitive medical information was actually fairly rare, with it being stolen in only 2 per cent of breaches. Broader medical information, when not accompanied by financial or demographic information, was also only stolen in about 16 per cent of breaches. In comparison, 70 per cent of breaches were targeting either financial or demographic information.
Says Jiang of hackers’ motives, “They can’t make money directly on patients’ medical results.” Instead, Jiang indicated that the limited cases of thefts of sensitive medical information are likely only the result of hackers grabbing everything they can, rather than targeted strikes. As for the risk of medical records being stolen, Jiang says “Don’t worry about sharing [medical] information with your doctors.”
