ITRC Breach Report

At least 344 organizations in the healthcare industry suffered data breaches in 2022, according to a just-released report from the Identity Theft Research Center® (ITRC). This is the third consecutive year that healthcare organizations led all industries in the number of data compromises noted in the ITRC report.

Healthcare organizations represented 19 percent of the 1,802 breaches reported in the 2022 ITRC report, with Financial Services (268), Manufacturing and Utilities (249), and Professional Services (224) following behind. In 2021, 15 percent of the breaches tracked by ITRC affected healthcare companies.

James L. Lee, Chief Operating Officer of the Identity Theft Research Center® says that healthcare makes a logical target for bad actors online.

“Cybercriminals would much rather attack a single entity that holds the data of multiple organizations than attack the companies individually,” said Lee. “The healthcare industry is so large and encompasses so many entities that range from local small businesses to global powerhouses – all of which have access to sensitive personal information – it’s difficult to maintain uniform security across such a wide landscape.” 

“The combination of valuable data and varying levels of security makes the industry an attractive target, a condition that will likely continue for the foreseeable future. So long as there are organizations in the healthcare industry with weaker security protections, the entire industry will remain vulnerable to the impacts of attacks and breaches.”

Cyberattacks continued to be criminals’ weapons of choice, with 1,595 breaches in 2022, a slight decrease from 1,613 in 2021, with drops year-over-year in the number of breaches attributed to phishing, ransomware, and malware.

Make Sure You’re HIPAA Compliant

HIPAA compliance protects you against breaches.

Protect your business by becoming HIPAA compliant today!