UpGuard’s cyber risk team reveals how details of 40,000 patients have been exposed

By Catherine Sturman
Hackers are increasingly turning towards the healthcare industry. Patient identifiable data is increasingly valuable and is becoming an important topic...

Hackers are increasingly turning towards the healthcare industry. Patient identifiable data is increasingly valuable and is becoming an important topic for providers on a global scale.

The number of healthcare breaches is on the rise as a result of outdated, fragmented systems. The US saw the largest number of healthcare breaches in 2017, where up to 328 leaks (up to 60% of all leaks in 2017) costed the industry close to $1.2bn.

Such shocking figures do not include the many companies that have not disclosed the number of files affected or did not have access to that information, according to research Citrix ShareFile 

The cyber risk team at UpGuard have recently revealed that a digital data repository containing records from a Long Island medical practice was left publicly accessible, revealing medical details and personal identifiable information of over 42,000 patients for up to two months.

See also

Originating from Cohen Bergman Klepper Romano Mds PC, a New York practice specialising in internal medicine and cardiovascular health, the details included patient names, Social Security numbers, dates of birth, phone numbers, insurance information, as well millions of extensive medical notes. 

The breach related to a misconfiguration within present IT systems. Misconfigurations are an internal problem that are situated within the IT infrastructure of any enterprise – the problem is not solely related to hackers. “The problem is pervasive – Gartner has estimated anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems,” UpGuard explained.

Although the breach has been officially secured, it reinforces the urgency for healthcare providers to invest in resilient, advanced security protocols to secure patient data and to comply with all permitted health regulations.

Nonetheless, a 2018 Thales Data Threat Report, Healthcare Edition, has stated that only 30% of global healthcare organisations remain untouched by data breaches, highlighting that healthcare companies have a significant way to go in overhauling current healthcare systems to ensure all data is secured.


Featured Articles

Tata Consultancy Report Shows AI in Healthcare on Rise

Tata Consultancy Services AI for Business Global Study shows that three-quarters of healthcare leaders are deploying AI to drive innovation and efficiency

McKinsey: Consumers Demand Data-driven Wellness Products

New McKinsey Future of Wellness survey shows that consumers demand data-driven wellness solutions to improve health, sleep, nutrition, fitness & longevity

SpaceX Starlink Launch Boost for Indonesia Healthcare

As SpaceX CEO Elon Musk helps launch new satellite in Indonesia, we look at how the Starlink programme is improving healthcare provision in remote areas

J&J Targets Supplier Sustainability to Cut Healthcare GHGs


Walgreens to Sell Over-the-Counter Opioid Overdose Drug

Medical Devices & Pharma

McKinsey Health Institute: Focus on Health Insights Body

Digital Healthcare