Fri. Jun 5th, 2020

A new report from law firm BakerHostetlers found that Healthcare organizations, especially those that have previously been hit with a phishing attack, were the number one target for major data breaches last year.


In its fifth annual Data Security Incident Response Report, the law firm gathered insights from its legal work with victims of more than 750 US data breach incidents in 2018.


Key findings from the report shed light on some of the security challenges affecting various industries. For instance, while phishing was involved in 37 percent of incidents across all sectors, other common causes were network intrusions (30 percent); inadvertent disclosures (12 percent); loss or stolen devices/records (10 percent); and system misconfiguration (4 percent).


Other key findings across all industries

  • 25 percent of incidents triggered international reporting requirements under laws such as the European Unions General Data Protection Regulation
  • 91 percent of organizations who paid ransom after a ransomware attack, received an encryption key and had its data restored. And the average ransom paid was nearly $29,000, and the largest ransom paid was $250,000
  • 55 percent of breaches were caused by employees. That includes falling victim to phishing attacks where users mistakenly clicked on malicious links
  • 5 percent of breaches were caused by malicious insiders
  • 11 percent of incidents involved vendors
  • 34 percent of the time, once an attacker gained access to an account or a device, the most common next steps were accessing an Office 365 account (34 percent); roaming the network to find available data (30 percent); installing ransomware (12 percent); or obtaining a wire transfer to an attackers account (8 percent)


Taking action

The BakerHostetlers report also highlights several risk management steps organizations should take, including:

  • Secure cloud resources
  • Implement multifactor authentication (MFA)
  • Update detection methods and defenses to keep up with cybercriminals who constantly modify their tools, tactics, and procedures to avoid detection
  • Employ basic cyber hygiene throughout your organization
  • Prepare for increased extortion demands as cybercriminals are identifying victims and demanding higher ransoms


To download the full report click here (PDF).