Healthcare Information Security – What The Hackers Are Looking For?

Recently there was news about information hacks at Anthem, one of the largest health insurance companies. This exposed important information of millions of customers and employees. It is one of the evidences of information security hacks in the healthcare industry. There are many such instances. However, it seems that the health facilities are yet not paying much importance to the security of healthcare information. You too may be a victim of cybercrime where the important information of your healthcare facility can get hacked and leaked. The cybercriminals are increasingly collecting health information of patients by hacking the information pool of the reputed healthcare facilities in the country and are selling the information for a premium price in the black market. The cyber security professionals are worried and are looking for ways to combat such information security hacks.

According to Lee Weiner, the senior vice president at Rapid7, a cybersecurity firm, “What we’ve seen in the last few years is that attackers have realized the economics of healthcare data are very, very attractive.”

According to Anthem, the healthcare insurance company the hackers collected a lot of personal information about the customers of the company and also of the employees. The pieces of information that the hackers collected included social security numbers, street addresses, email accounts, and birthdays. One of the most dangerous data to be stolen by the hackers is the medical information numbers of the patients of a specific healthcare facility. According to the healthcare information security experts, the theft of medical information numbers is dangerous as those numbers can be used for committing different medical frauds.

According to a report by the Dell SecureWorks, the stolen data from Anthem including all health insurance credentials got sold in for $20 per piece on underground market. The news of sale to the underground came up after much probing in the year 2013. Dell SecureWorks further confirmed that the amount is 10 to 20 times larger than the cost of a US credit card number along with a security code.

What can be done with the stolen information?

 Stolen information through hacking can be used to impersonate victims of hacking. It is done to obtain highly expensive medical care and for purchasing expensive equipment and medical accessories. The health care providers often cannot detect such fraud cases and the hackers continue on their illegal practices without any hindrances. In comparison however, the credit card frauds are easier to track and punish. Experts say that in case of healthcare information hacks, it becomes difficult for the victims to detect and modify the information again.

According to another research by the Ponemon Institute cybercrime attacks on the healthcare facilities have increased to almost 100 percent. This has been noted over a period between the year 2009 and 2013. The report further stated that the cyberattacks on healthcare facilities have increased to about 40%.

The FBI has warned every healthcare facility to have a strong security system in place to stop hacking of important information. However, still there are healthcare organizations that are not taking the cybercrime and information theft seriously. And, information security threat continues…