Nearly three-quarters of healthcare data breaches reported to the federal government last year were attributed to hacking or information-technology incidents, according to a review of the latest data from the Health and Human Services Department's Office for Civil Rights.
As of Wednesday, the agency lists 712 breach reports that healthcare providers, insurers and their business associates submitted to the agency in 2021. These incidents affected more than 45 million patients. Last year's tally was the highest since the Office for Civil Rights debuted its breach portal in 2010; the previous record was 663 in 2020.
Hacking and IT incidents, which can include everything from cybercriminals intruding into computer systems to organizations accidentally misconfiguring their cloud servers, accounted for 73.9% of 2021's breaches with 526 incidents.
All of the 10 largest breaches reported in 2021—each of which included data on at least 1 million patients—stemmed from cybercriminals infiltrating network servers or email systems.