News & AnalysisNewsletterSecurity

Security Breach in Healthcare Sector is on the Rise


A private practice eye clinic Eye & Retina Surgeon in Singapore had been reported to have leaked the personal data and clinical information of over 73,000 patients through a cyber attack on the servers and several computer terminals at the clinic’s branch. The data compromised were patient’s names, addresses, identity card numbers, contact details and clinical information. The clinic claims that no credit card or bank account information was accessed or compromised, none of the operations were affected, and its IT systems have been restored securely. Nonetheless, investigations are still ongoing.

That’s yet another incident among the troves of cyber security attacks that are happening across the globe every week in the healthcare domain, especially in recent times.

Healthcare security breaches have regularly hit the headlines over the past few months, with the culprits ranging from shadowy hacking groups to employees snooping in electronic health records. Hospitals and healthcare firms store an incredible amount of patient data. Confidential data that’s worth a lot of money to hackers who can sell it on easily – making the industry a growing target.

And the news may only get worse, with many of the factors that left institutions vulnerable – like working from home, telehealth reliance and strained staff members – lingering amidst yet another COVID-19 wave.

On the recent breach, Jonathan Knudsen, Senior Security Strategist, Synopsys Software Integrity Group said that every organization is a software organization, even an eye clinic. All organizations, no matter their size or industry, must include cybersecurity as part of their day-to-day operations. A comprehensive, proactive approach to security reduces risk for the organisation and its customers.

In the case of Eye & Retina Surgeons, segmenting the network between administrative functions and medical data was a smart defensive move and prevented this attack from being much worse. This technique is part of the basic security hygiene that all organisations should practice.

Even with the best defences, things can still go wrong. Incident planning helps organisation be prepared to remediate problems and notify customers and authorities.

An identity breach report from the risk protection services provider Constella Intelligence found that the COVID-19 pandemic presented a variety of new ways for bad actors to take advantage of vulnerabilities in the digital ecosystem. The 2021 Identity Breach Report noted that, the healthcare sector experienced a 51% increase in the total volume of records exposed when compared with 2019.

“The COVID-19 pandemic has shown us the fragility of our online infrastructure,” said Kailash Ambwani, CEO at Constella Intelligence. “As people continue to rely on digital solutions and [work] from home, both companies and individuals must take new precautions to protect themselves from potential threat actors,” Ambwani said.

The report also noted that ransomware has been a theme throughout the report, with payments to attackers rising 337% from 2019 to 2020. “It appears that ransomware groups are getting more hostile and are less likely to restore systems, even when they are paid the ransom,” observed the researchers.

Oded Vanunu, Head of Products Vulnerability Research at Check Point Software Technologies  believes that cyber crime is constantly looking for the next target, their favorite targets are health care vendors that in case of shut down the hacking team have a very high chance to get high profit due to the nature of the target and the implication.

“These targets are usually holds a private information including health history records that are big demand on the dark net networks, from what we see in general small health clinics are not prepared for such sophisticated cyberattacks,” he said.

Filip Cotfas, Channel Manager, Cososys, explains in a blog that data in a healthcare organization is constantly created, replicated, modified, moved around, and disseminated, leaving it exposed to cyber threats. Unlike other industries, the cybersecurity in the healthcare industry is chronically underinvested and outdated.

“The lack of security framework invites several cyber-attacks and  can cause some serious damage. For example, malware and ransomware attacks to exfiltrate data often shut down devices, servers, and even networks, making the data inaccessible to health professionals. Even lack of secured encryption on the cloud storage can be exploited by cyber criminals for phishing attacks, cyber-frauds, and more,” he said.

Health organizations are often susceptible to risks through negligence by employees in the form of weak passwords, unencrypted devices, and other failures of compliance. To avoid the potential risk and damages of cybercrimes, the healthcare sector will have to step up its cybersecurity game.

He believes that offering rigorous cybersecurity training and building up a security culture within the healthcare workforce can offer some level of respite to healthcare firms. For example, it is essential to train the healthcare staff from doctors and nurses to hospice care attendants and admin staff in maintaining good cybersecurity measures. The measures could be as simple as using two-step verification, regular updates on passwords, training on software and operating system maintenance, and more.

Leave a Response

Sohini Bagchi
Sohini Bagchi is Editor at CXOToday, a published author and a storyteller. She can be reached at