Healthcare overtakes finance as most-breached industry of 2022, Kroll report reveals
- In 2022, healthcare overtook finance as the most-breached industry, accounting for 22% of the breaches handled by Kroll, compared to 16% in 2021
- Finance dropped to second place with 19% of the cases in 2022, down from 22% of breach cases in 2021
- Despite this, consumers were more likely to take up identity monitoring when told their data had been affected by a cyber breach if that data was related to the finance industry than the healthcare industry
- In 2022 49% percent of calls coming from consumers, after they were notified of a breach, were related to the finance industry, only 32% were in the healthcare industry
Kroll has today announced the findings of its Data Breach Outlook, which ranks the most-breached industries of the year. In 2022, healthcare overtook finance as the most-breached industry, accounting for 22% of the breaches handled by Kroll, compared to 16% in 2021; a 38% increase year over year (YoY).
Finance dropped to second place with 19% of the cases in 2022, a 3% drop from 2021 where it accounted for 22% of breach cases.
- Of all the monitoring taken up by consumers, 69% were involved in financial breaches, compared to only 20% in healthcare
- Finance saw a 127% year-on-year (YoY) increase in the number of calls following a breach; health care saw only a 19% increase
- Finance also saw a 126% YoY increase in the amount of identity monitoring taken up, compared to a 66% increase for consumers in healthcare
Says David White, Managing Director in the Cyber Risk practice at Kroll:
“The healthcare industry was particularly vulnerable to data breaches in 2022. Still in recovery from the pandemic, it is hardly surprising that data management may have become less of a priority, potentially putting data at risk of exposure. The finance industry continued to report a substantial number of breaches, likely because of the regulatory obligations in the industry mandating disclosure.”
“It is revealing that consumers seemed more concerned about their financial data than health data, based on the number of incoming calls from consumers and the amount of identity monitoring taken up following a breach. This gives organizations—and their insurers—clues on how they should prepare for a breach, both in terms of costs and potential litigation.
“Despite the proportion of breaches in the health care industry growing, it seems that the finance industry still has the most to worry about in terms of consumer reaction and the impact of a data breach.”