A recent survey from Accenture showed that 26% U.S. consumers have had their personal medical information stolen from technology systems, and half of those who experienced a breach were victims of medical identity theft. On average, those victims had to pay around $2,500 in out-of-pocket costs per incident.
The breaches were most likely to occur in hospitals (36%), followed by urgent-care clinics (22%), pharmacies (22%), physician’s offices (21%) and health insurers (21%). Half of consumers who experienced a breach discovered it themselves, through noting an error on their credit card statement or benefits explanation, while only one-third were alerted to the breach by the organization at which it occurred.
The latest count from the Identity Theft Resource Center (ITRC) reports that the medical/health care sector leads all others in the number of records compromised so far in 2017. The sector posted 31.9% (46) of all data breaches. The number of records exposed in these breaches totaled tops 630,000, or about 61.6% of the 2017 total.
The business sector accounts for nearly 350,000 exposed records in 64 incidents. That represents 44.4% of the incidents and 33.9% of the exposed records so far in 2017.
The educational sector has experienced 25 data breaches since the beginning of the year. The sector accounts for 17.4% of all breaches for the year and more than 20,000 exposed records, about 2.1% of the year’s total.
The government/military sector has suffered nine data breaches to date in 2017, representing about 2.4% of the total number of records exposed and 6.3% of the incidents. Over 24,000 records have been compromised in the government/military sector.
The number of banking/credit/financial sector has reported no breaches so far this year. However, Iranian hackers were responsible for launching a wave of distributed denial of service (DDoS) attacks against U.S. banks in 2012. And an executive at cybersecurity firm CrowdStrike recently warned about a rise in cyber espionage and other cyberattacks from Iran:
What’s new is the level of activity we’ve seen, with dozens of targets in Saudi Arabia over the past two months. One of the things we’re tracking is if things escalate between the US and Iran, then we expect attacks will be likely in the [U.S.] financial sector.