UpGuard’s cyber risk team reveals how details of 40,000 patients have been exposed

By Catherine Sturman
Hackers are increasingly turning towards the healthcare industry. Patient identifiable data is increasingly valuable and is becoming an important topic...

Hackers are increasingly turning towards the healthcare industry. Patient identifiable data is increasingly valuable and is becoming an important topic for providers on a global scale.

The number of healthcare breaches is on the rise as a result of outdated, fragmented systems. The US saw the largest number of healthcare breaches in 2017, where up to 328 leaks (up to 60% of all leaks in 2017) costed the industry close to $1.2bn.

Such shocking figures do not include the many companies that have not disclosed the number of files affected or did not have access to that information, according to research Citrix ShareFile 

The cyber risk team at UpGuard have recently revealed that a digital data repository containing records from a Long Island medical practice was left publicly accessible, revealing medical details and personal identifiable information of over 42,000 patients for up to two months.

See also

Originating from Cohen Bergman Klepper Romano Mds PC, a New York practice specialising in internal medicine and cardiovascular health, the details included patient names, Social Security numbers, dates of birth, phone numbers, insurance information, as well millions of extensive medical notes. 

The breach related to a misconfiguration within present IT systems. Misconfigurations are an internal problem that are situated within the IT infrastructure of any enterprise – the problem is not solely related to hackers. “The problem is pervasive – Gartner has estimated anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems,” UpGuard explained.

Although the breach has been officially secured, it reinforces the urgency for healthcare providers to invest in resilient, advanced security protocols to secure patient data and to comply with all permitted health regulations.

Nonetheless, a 2018 Thales Data Threat Report, Healthcare Edition, has stated that only 30% of global healthcare organisations remain untouched by data breaches, highlighting that healthcare companies have a significant way to go in overhauling current healthcare systems to ensure all data is secured.


Featured Articles

Johnson & Johnson: Turning supplier spend into local support

Johnson & Johnson’s Global Supplier Diversity & Inclusion team is growing spending with social enterprises around the globe to expand its impact

Seasonal Affective Disorder’s impact on health & solutions

Dr Ravi Gill & Dr. Naomi Newman-Beinart discuss Seasonal Affective Disorder and its treatments, from vitamin D spray to light therapy

CGI teams up with Totalmobile for digital healthcare service

CGI is driving efficiency in healthcare. Hear from Helena Jochberger, at Manufacturing Digital LIVE, a free virtual event on Wednesday 6th December 2023

Deloitte: generative AI can improve access to healthcare

Technology & AI

Wipro & NVIDIA’s revolutionary healthcare uses generative AI


Healthtech platform CoverSelf extends seed round to US$8.2m

Technology & AI