2. August was an outlier
Ransomware is becoming a significant cause of data breaches, according to NCC Group's report. There were 39 ransomware attacks against healthcare organizations in September, compared with 21 in August, the company said. In other months this year, more than 30 separate ransomware attacks affecting the industry occurred in each, dating back to March.
Read more: Healthcare data breach costs keep climbing: report
3. Healthcare didn't have the most attacks
Cybercriminals using BlackCat ransomware, which includes malware-infected email or website links, targeted healthcare companies seven times last month, NCC found. The manufacturing and retail industries were hit more often last month with that specific type of ransomware. Overall, healthcare was the fourth most affected industry by malware attacks in September, behind manufacturing, retail and technology. There 514 malware attacks last month across all industries, the highest number of monthly attacks recorded this year.
4. MOVEit is a big problem
More than 600 companies have disclosed breaches relating to Progress Software’s MOVEit program, according to data from security firm Emsisoft. Many of them are from the healthcare industry including Houston-based Harris Center for Mental Health and Baltimore, Maryland-based Johns Hopkins Medicine.
MOVEit transfers large files, potentially those including sensitive documents. A ransomware gang began exploiting a vulnerability in the software to steal data, according to a Cybersecurity and Infrastructure Security Agency news release. The vulnerability was discovered by Progress in May. Revenue cycle management tech company Arietis Health reported on Oct. 17 that data on 1.9 million patients was compromised because of the MOVEit breach. In September, clinical documentation software company Nuance Communications said it was part of the MOVEit breach in an incident that affected 1.2 million patients.
5. Companies want help stopping breaches
The rising threats to data security has been noticeable to consultants who work with health systems. According to Modern Healthcare’s Healthcare IT Consulting Firms Survey, 75% of respondents reported an increase in client concern regarding data security in the past year.