Banner Health is the latest in a string of healthcare organizations to feel the wrath of a cyber attack. A recent data breach put close to 3.7 million records at risk due to vulnerabilities exploited and ultimately discovered by experts over the course of this summer. Is this just another hole punctured in the facade of the healthcare industry’s attempt at cyber security, or will changes actually be made that can guard sensitive customer and business data from future attacks?
The two attacks that took place over the course of a month affected two different groupings of information from customers in the Banner Health Network. First, there were the affected users who interacted with Point Of Sale systems in Banner Health-affiliated cafeterias and storefronts – consider this the crack in the glass ceiling. Second, that ceiling shattered when hackers were able to infiltrate the network further and obtain everything from social security numbers and the names, addresses, and health plan numbers associated with each user in their path.
Hackers have slowly shifted their concentration from obtaining financial data to that of the healthcare variety – think about all of the health industry organizations that have been attacked over the past year. The popularity shows on the Dark Web as well; while the financial data duo of name and SSN may go for $1/record, health information fetches at least $75/record or more. Researchers liken the latter as a credit card with no spend limit, not to mention that insurance fraud is much more lucrative.
Once a breach occurs to a group in the healthcare industry, the way that many experts suggest dealing with future issues is to completely wipe the database and start from scratch. Reason being is that even if they find the vulnerability, there’s no real way to tell how deep it went and how long it went on for. The quick fix is to just start from scratch, which is a project that would take months to complete and affect user accessibility on a variety of levels. This is where a partnership with an MSS/MSSP like Neovera comes in to save the day – if an attack comes out of nowhere, your company isn’t stuck in the dark without a plan to immediate put into place. Plus your organization can rest assured that their protected data is secure, 24x7x365.