Healthcare Data Breaches Up 53% from Q1, 2023
Data compromises have increased by 90% compared to Q1, 2023, according to the Q1 2024 Data Breach Report from the Identity Theft Resource Center (ITRC). In Q1, 2024, there were 841 publicly reported data compromises, up from 442 compromises in Q1, 2023. While data compromises almost doubled, there was a 72% fall in the number of victims compared to Q1, 2023, and a drop of 81% from the previous quarter, with 24,474,351 individuals known to have been affected by the 841 data breaches.
In Q1, 2023, healthcare was the most attacked industry; however, in Q1, 2024, healthcare dropped to second place (124 notices and more than 6 million records breached), behind financial services (224 notices and more than 18 million records breached). Healthcare data breaches increased by 53% from Q1, 2023 and were up 69.9% from Q1, 2022; however, the number of victims (6,071,259 individuals) in Q1, 2024, were down 57.2% from Q1, 2023 (14,199,413 individuals). Healthcare placed second in the top 10 compromises of Q1, 2024, with a 2.35 million data breach at Medical Management Resource Group (American Vision Partners), behind LoanDepot which had a breach of more than 16 million records; however, healthcare topped the list with 6 of the 10 largest data breaches in the quarter.
The number of organizations impacted by supply chain attacks more than tripled in Q1 2024 compared to Q1, 2024, with 50 new attacks that affected 243 organizations and involved the data of 7.5 million individuals. In Q1, 2023, 73 entities were affected by supply chain attacks and there were 11.4 million victims. Cyberattacks were the biggest cause of data breaches (642 compromises), followed by phishing/smishing/BEC attacks (108 compromises), and system and human error (85 compromises). It is now increasingly common for data breach notices to not provide information about the cause of the breach. In Q1, 2024, 439 compromises did not state the root cause of the breach (52.2%) compared to 166 of the 442 data compromises (37.6%) in Q1, 2023. More than two-thirds of cyberattack-related data breaches included no information about the root cause of the breach.
“The dramatic increase in data compromises continues to concern us,” said Eva Velasquez, President and CEO of the Identity Theft Resource Center. “However, the decrease in victims impacted is a bit of good news, though still too high. We believe it is due to identity criminals launching more targeted attacks, which differ from tactics used five to ten years ago. With that said, it is critical that businesses and consumers continue to practice good password hygiene and transition to Passkeys when possible.”
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
