p1a8tud9lm18o77ch11p72qirjb6.jpg

10 largest healthcare cyber attacks of 2015

How dangerous are the cyber hackers targeting the U.S. healthcare industry? Health Data Management, a SourceMedia publication, tracked 10 major hacks announced during 2015, with the single largest victimizing 78.8 million individuals. Some of the attacks started in 2014 or even earlier, but were not discovered until much later. The total number of victims from these hacks (not counting a newly disclosed one that may be substantial) is 109,671,626, which represents about one-third of the population of the U.S. Each hacked organization has offered paid credit and/or identity theft protection services. Here are the largest from 2015.

[Image: Fotolia]
p1a8tud9lm1dom5221slqsvc16hf7.jpg

Anthem: 78.8 million affected

The insurer shocked the industry on February 5, 2015 by disclosing a monster hack that initially was believed to affect 80 million (it was later slightly downsized to 78.8 million). The hack affected all Anthem product lines, compromising names, birthdates, member IDs, SSNs, addresses, phone numbers, email addresses and employment data, including individual incomes.


[Image: Fotolia]
p1a8tud9lmegm8uvsud1mfkvli8.jpg

Premera Blue Cross: 11 million affected

The health plan discovered the cyber attack on January 29 and later learned the hack started on May 5, 2014. As with Anthem, a wide range of member information was compromised, including personal bank account numbers. Affected members dated back to 2002.


[Image: Fotolia]
p1a8tud9lm17mv19ormqfvb2gp9.jpg

Excellus BlueCross Blue Shield: 10 million affected

Excellus learned of the attack on August 5, 2015. As with other similar attacks, the investigation found that intruders had accessed the network considerably earlier, with the initial attack on December 23, 2013. “This incident also affected members of other BCBS plans who sought treatment in the 31-county upstate New York service area of Excellus BCBS,” the company said. “Individuals who do business with us and provided us with their financial account information or Social Security number also are affected.”


[Image: Fotolia]
p1a8tud9lnbei7o3cf55ne1uvta.jpg

UCLA Health: 4.5 million affected

UCLA Health detected suspicious network activity in October 2014 and investigated with assistance from the FBI. “At that time, it did not appear that the attackers had gained access to parts of the network that contain personal and medical information,” the health system said. As part of an ongoing investigation, UCLA on May 5, 2015, determined that attacks had accessed parts of its network and may have had access as early as September 2014.


[Image: Fotolia]
p1a8tud9ln1gbh142f1k9910tv3stb.jpg

Medical Informatics Engineering: 3.9 million affected

MIE, which sells electronic health records with its NoMoreClipboard subsidiary, noted suspicious activity on a server May 26, 2015. A forensics investigation determined that unauthorized access started on May 7. The haul was impressive with patient names, user names, hashed passwords, security questions and answers, email addresses, dates of birth, health information and Social Security numbers all compromised.


[Image: Fotolia]
p1a8tud9ln1htkkgh81vat6bhjc.jpg

CareFirst BlueCross BlueShield: 1.1 million affected

Last May the insurer announced that attackers accessed a single database; the hack was discovered during ongoing security work being done in the wake of other attacks on insurers. Access occurred in June 2014, and cybersecurity firm Mandiant found no evidence of prior or subsequent attacks. “Limited personal information was involved in this attack—for instance, no member Social Security numbers, medical claims information or financial information was put at risk,” said Chet Burrell, president and CEO, in a message to plan members.


[Image: Fotolia]
p1a8tud9ln1lvbn0t1fes72dqqid.jpg

Beacon Health System in Indiana: 220,000 affected

Last June, the two-hospital delivery system notified patients of a phishing attack that accessed multiple employee email boxes as far back as November 2013. Found by an internal forensic team after an employee noticed email irregularities, the breach affected hospitals and affiliated physicians. The attack was sophisticated, with the last date of unauthorized access on January 26, 2015.


[Image: Fotolia]
p1a8tud9ln14841itb1cud120t1oire.jpg

Advantage Dental: 151,626 affected

The organization with 30 clinics across Oregon was fast finding the hack and alerting patients, sending out notifications within 30 days after an internal database was hacked. The access initiated on February 23 and was discovered on February 26, when access was terminated. The intruder accessed the database through a computer infected with malware, said Jeff Dover, compliance manager. Conducting forensics and remediation in-house reduced costs and aided in being able to issue notifications quickly, he added.


[Image: Fotolia]
p1a8tud9lnikb13jemu61ei2t09f.jpg

Muhlenberg Community Hospital: 84,681 affected

The hospital in September learned from the FBI that it had been compromised and later confirmed that some computers were infected with a keystroke logger designed to capture and transmit data as it was entered onto the affected computers. The malware may have been put in place as far back as 2012.


[Image: Fotolia]
p1a8tud9ln118r1ufjgrm11bof0vg.jpg

MaineGeneral Health: Number of affected members is unknown

This is a newly announced cyber attack, and the number of affected individuals has not yet been announced, but could be substantial. Regional media were notified in recent days, an indication under HIPAA rules that at least 500 individuals are affected, making it a major breach. However, the hack—affecting patients, employees and donors—spans the entire 40-facility delivery system, including two-site MaineGeneral Medical Center, community care, rehabilitation and long-term care, and a retirement community.

The organization on November 13 learned from the FBI that MaineGeneral data was found “on an external website which is not accessible by the general public.” Known compromised information at this time includes patient dates of birth, emergency contact names, addresses and telephone numbers; as well as names, addresses and telephone numbers of certain employees and donors.


[Image: Fotolia]
MORE FROM EMPLOYEE BENEFIT NEWS