How One Healthcare Data Breach Exposed the Health Information Security Crisis

Healthcare Data Breach

It’s no secret that hackers are hungry for consumer information. We all double-checked our purchasing history when news reports surfaced surrounding the Target and Home Depot hacks. We were among the hundreds of thousands who frantically changed all of our passwords when the potentially catastrophic Heartbleed bug wreaked havoc across the web.

There are precautions we can each take as consumers to protect our valuable information, but hackers always seem to be a few steps ahead of us. Most recently, it seems they’ve found a way to attack our coveted data in the most vulnerable of settings: our healthcare facilities.

When you visit hospitals, the last thing on your mind is the safety of your personal information. But after hearing this breaking news, you may start to give that notion a second thought!

Cyberattacks on hospitals have quietly existed for a number of years. But today’s hackers are bolder and more sophisticated than ever. The February 2016 hack on Hollywood Presbyterian Medical Center in Los Angeles has brought healthcare data breaches and health information security to the forefront of national conversation.

Here’s what you need to know.

What happened with the healthcare data breach in Los Angeles?

The hospital personnel at Hollywood Presbyterian Medical Center in Los Angeles found themselves in the midst of an internal emergency in late February. For longer than a week, anonymous hackers held the medical facility hostage by shutting down their internal computer system for a ransom of 9,000 bitcoin, which would equate to approximately $3.7 million.

This largescale cyberattack forced the facility to revert to long-expired processes, such as using paper registrations and medical records. Emergency rooms were impacted and fax lines were jammed through lack of access to email. All 911 patients had to be relocated to other area hospitals.

While the source itself still remains unclear to the public, the attack has been attributed to a type of malicious software called ransomware. Put simply, ransomware prevents you from using your electronic device, holding all of your files hostage.

To put this in perspective, imagine logging onto your computer for the first time one morning only to be notified that you can’t access any of your personal documents, social media logins, email accounts or virtual bank statements until you pay a lump sum to an anonymous hacker.

Now multiply that into holding hundreds of patients’ personal and medical data hostage in exchange for more than three million dollars!

The hospital ended up paying out the equivalent of $17,000, and the FBI is currently investigating to identify the source of the attack.

Are we on the cusp of a major health information security crisis?

Healthcare data breaches don’t only impact the medical facilities by way of ransom. These hacks can also result in theft of valuable patient information – including financial documents – and can compromise patient data, causing injury or death.

While hackers are growing more sophisticated on all fronts, medical facilities are particularly vulnerable to their attacks. In fact, nearly 90 percent of healthcare providers were hit by breaches in the past two years. This rise in cyberattacks against doctors and hospitals is costing the U.S. healthcare system around $6 billion a year!

You don’t need to be an expert to understand this is a huge deal. But that doesn’t mean expert research isn’t surfacing on this topic. A group of white hat hackers – hackers who use their powers for good instead of evil – from Independent Security Evaluators (ISE) recently released a report concluding their findings after hitting 12 American hospitals in an effort to prove the extreme vulnerability of our healthcare data.

These researchers used a number of methods – all with the permission of the participating hospitals – to get a read on the strength of IT security. Vulnerabilities were found when the white hat hackers were able to access hospital systems including several patient monitors. This gave them the ability to sound false alarms, display incorrect patient vitals and more.

They also discovered ways to bypass important hospital logins, to create false IDs to hijack blood samples and drugs and to route all newly-entered patient information straight to the attackers without personnel or patients knowing it was happening. While some security breaches were achieved through highly sophisticated methods, others were as simple as deciphering weak, easily-crackable passwords or outdated systems.

While ISE was unable to assess the entirety each hospital’s information security measures, everything they did evaluate had gaping flaws. In the wake of the ransomware attack in Los Angeles, it is expected that more cyberattacks will put hospitals in a deep information security crisis.

Is an influx of InfoSec jobs the answer hospitals are seeking?

Whether the particular vulnerability of hospitals to cyberattacks is due to lack of funding, use of susceptible technologies, a major skills shortage or a harrowing combination of the three, it’s clear that something needs to be done to strengthen the nation’s health information security.

It’s no wonder InfoSec careers are on the rise! Jobs are expected to grow more than twice as fast as all occupations on average by 2024. And you can rest assured that in the midst of prioritizing cybersecurity, medical facilities will edge their way to the front of the line in recruiting top-notch InfoSec professionals.

If you’re curious about what these jobs in information security entail and wondering if you might be cut out to be the IT superhero hospitals are desperately seeking, check out our article: 5 Fascinating InfoSec Jobs that Help Combat Cybercrime.


Related articles:

Jess Scherman

Jess is a Content Specialist at Collegis Education. She researches and writes articles on behalf of Rasmussen College to help empower students to achieve their career dreams through higher education.

writer

Related Content

This piece of ad content was created by Rasmussen College to support its educational programs. Rasmussen College may not prepare students for all positions featured within this content. Please visit www.rasmussen.edu/degrees for a list of programs offered. External links provided on rasmussen.edu are for reference only. Rasmussen College does not guarantee, approve, control, or specifically endorse the information or products available on websites linked to, and is not endorsed by website owners, authors and/or organizations referenced. Rasmussen College is a regionally accredited private college and Public Benefit Corporation.

Add your comment

*

Please enter your name.

*

Please enter your email.

*

Please enter your comment.

Take the Next Step—Talk to Us!

Request More Information

Talk with a program manager today.

Fill out the form to receive information about:
  • Program Details and Applying for Classes 
  • Financial Aid and FAFSA
  • Customized Support Services
  • Detailed Program Plan

Step 1 of 3

What's Your Name?

Please enter your first name.

Please enter your last name.

Step 2 of 3

Contact Information

Please enter your email address.

Please enter your phone number.

Please enter your five digit zip code.

Step 3 of 3

Program Preferences

Please choose a school of study.

Please choose a program.

Please choose a degree.

By requesting information, I authorize Rasmussen College to contact me by email, phone or text message at the number provided. There is no obligation to enroll.

icon-colored-advance icon-colored-build icon-colored-certificate icon-colored-growth icon-colored-national icon-colored-prep icon-colored-regional icon-colored-state icon-colored-support logo-accreditation-acen logo-accreditation-ccne ras-logo-flame ras-logo-horizontal ras-logo-stacked icon-filter icon-info-circle icon-mail-forward icon-play-solid icon-share-square-o icon-spinner icon-tag icon-general-connect icon-general-degree icon-general-discuss icon-general-email icon-general-find icon-general-laptop icon-general-leader icon-general-map icon-general-paperwork icon-general-phone icon-general-speak-out icon-simple-chat icon-simple-desktop icon-simple-find icon-simple-hamburger icon-simple-phone icon-testimonial-quotes icon-social-facebook-square-colored icon-social-facebook-square icon-social-facebook icon-social-google-plus-square icon-social-google-plus icon-social-instagram icon-social-linkedin-square-colored icon-social-linkedin-square icon-social-linkedin icon-social-pinterest-p icon-social-twitter-square icon-social-twitter icon-social-youtube-play-colored icon-social-youtube-play icon-util-checkbox-white icon-util-checkbox icon-util-checked-white icon-util-checked icon-util-chevron-down icon-util-chevron-left icon-util-chevron-right icon-util-chevron-up icon-util-open-window-button icon-util-open-window-link icon-util-pdf-button icon-util-pdf-link icon-util-refresh icon-util-x