'DarkOverLord' ransomware accounts for nearly 30 percent of health data breaches in July
Cybercriminals launching ransomware attacks – and one hacker in particular known as TheDarkOverLord – represented nearly 30 percent of the 39 data breaches in July. The average time an attack went unreported, meanwhile, was a whopping two years.
That’s according to the July Breach Barometer from Databreaches.net and security specialist Protenus.
Protenus CEO Robert Lord said that the amount and variety of attacks hackers perpetrate against healthcare organizations suggest that July’s findings may persist into the foreseeable future.
Hackers actually accounted for 41 percent of attacks in June, wherein 11 million records were breached, but Lord pointed out that was the most reported to date.
Indeed, after June’s record-setting numbers, breaches and health records exposed in July 2016 settled back down to a more normal 126,930.
The DarkOverLord garnered the biggest breach with 23,565 records and then put them on the dark web for sale. Protenus also noted that the total number of hacker attacks also included ransomware and malware incidents.
The July Breach Barometer also uncovered interesting trends relating to government agencies, paper records and business associates.
Almost half of U.S. states had at least one breach incident, in fact. Of all the breaches, 25 percent of involved paper records and an equal percentage involved business associates.
Sign up for the Healthcare IT News Privacy & Security Update newsletter.
Healthcare providers constituted 87 percent of the July breaches and health plans made up 8 percent, while the remainder consisted of vendors and a U.S. military prison, the report said.
Perhaps the biggest surprise was how long it took healthcare organizations to report breaches. The average, Lord said, was two years and one incident even lasted six.
“Even in the industry where we generally assume that breaches go undetected for a long period of time, I found these numbers surprising,” Lord said. “We’ve created an environment where there’s no way to detect when a breach has occurred and it’s difficult to hold organizations accountable and make sure every breach is reported.”
Twitter: @SullyHIT
Email the writer: tom.sullivan@himssmedia.com