The report put healthcare in second place behind general ‘online companies’, who were responsible for 53 registered data breaches since 2004.
Of those 47 data breaches over the past 18 years, 43 per cent were due to a stolen computer or stolen media; 38 per cent because of hacking; while 10 per cent related to general poor security. These breaches accounted for the loss of almost 200 million records.
Healthcare’s biggest breach was a hacking incident at Anthem Inc, the second-largest health insurer in the US, in 2015. Eighty million records were released online, including personal information such as client social security numbers, emails, home addresses and employment information.
Finance third-largest industry for data breaches
The financial industry (including insurance) was the third-largest offender for the loss of personal data, reporting 38 data breaches in the past 18 years, amounting to almost two billion lost records.
Half (50 per cent) were due to hacking, while almost a fifth (18 per cent) related to stolen media. A further 16 per cent were due to breaches by a company insider, while five-per-cent were attributed to general poor security.
Within the financial sector, the biggest leak was in 2019, in which 885 million records from insurance giant First American Corporation’s website were found to be publicly accessible. This included bank account details, social security numbers, wire transactions and other mortgage paperwork dating back to 2003.
Digitalisation has ‘pros and cons’
The figures serve as a potent warning of the importance of strong data security – particularly for healthcare providers and insurers.
A spokesperson for VPN Overview said: “The digitalised era comes with plenty of pros, but lots of cons at the same time, with possible data leaking probably being the most dangerous one. The hackings and data leaks in this list, as well as many others, should serve as a reminder of what can be done to improve security within plenty of industries, as it clear that no company is really safe from them.”
However, they added that: “While it is wise to remember that everything we put on the internet cannot be 100 per cent deleted, it is also important to be able to trust organisations which are supposed to protect and store their consumers’ data safely.”
ITIJ examined the complex subject of cybercrime earlier this year.