Health care accounted for 29% of data breaches in 2018—so far

What’s in your wallet? It might be the sticky fingers of a cyber pickpocket.

As of early February 2018, 141 data breaches have already occurred in the new year. Of these, 41 struck the medical/health-care sector, accounting for 29.1% of all data breaches in the United States in 2018, according to a new report from the Identity Theft Resource Center (ITRC), San Diego, CA.

A data breach is typically exposed information—including Social Security numbers, financial account information, or medical information—that could potentially lead to identity theft. For this report, ITRC aggregated all data breaches reported to media sources or confirmed on notification lists from state governmental agencies.

The 141 data breaches in 2018 represent 2,949,997 exposed records, 258,768 of which were in medical/health care.

This year’s single largest data breach in medical/health care occurred when an unauthorized user apparently gained access to the email accounts of three employees of Onco360 and CareMed, subsidiaries of PharMerica, Louisville, KY.

In early January 2018, the company determined that some of the emails in those accounts “may have contained [patients’] demographic information, medication and clinical information, health insurance information, and Social Security numbers,” the company explained in a statement. “A very small number of individuals may have had their financial account information impacted as well.”

Considering the number of data breaches that have already occurred this year, 2018 is on track to meet or surpass the number of breaches reported in 2017. According to ITRC, the 2017 number of data breaches hit an all-time high of 1,579, up 44.7% over 2016’s record total of 1,091 breaches.