Healthcare overtakes finance as most-breached industry of 2022, Kroll report reveals

In 2022, healthcare overtook finance as the most-breached industry, accounting for 22% of the breaches handled by Kroll, compared to 16% in 2021
Finance dropped to second place with 19% of the cases in 2022, down from 22% of breach cases in 2021
Despite this, consumers were more likely to take up identity monitoring when told their data had been affected by a cyber breach if that data was related to the finance industry than the healthcare industry
In 2022 49% percent of calls coming from consumers, after they were notified of a breach, were related to the finance industry, only 32% were in the healthcare industry

Kroll has today announced the findings of its Data Breach Outlook, which ranks the most-breached industries of the year. In 2022, healthcare overtook finance as the most-breached industry, accounting for 22% of the breaches handled by Kroll, compared to 16% in 2021; a 38% increase year over year (YoY).

Finance dropped to second place with 19% of the cases in 2022, a 3% drop from 2021 where it accounted for 22% of breach cases.

Further investigation reveals that the number of incoming calls related to these healthcare data breaches and the number of consumers who take up identity protection was still less than in the finance industry, where it saw significant growth. Findings include:

Of all the monitoring taken up by consumers, 69% were involved in financial breaches, compared to only 20% in healthcare
Finance saw a 127% year-on-year (YoY) increase in the number of calls following a breach; health care saw only a 19% increase
Finance also saw a 126% YoY increase in the amount of identity monitoring taken up, compared to a 66% increase for consumers in healthcare

Says David White, Managing Director in the Cyber Risk practice at Kroll:

“The healthcare industry was particularly vulnerable to data breaches in 2022. Still in recovery from the pandemic, it is hardly surprising that data management may have become less of a priority, potentially putting data at risk of exposure. The finance industry continued to report a substantial number of breaches, likely because of the regulatory obligations in the industry mandating disclosure.”

White continues:

“It is revealing that consumers seemed more concerned about their financial data than health data, based on the number of incoming calls from consumers and the amount of identity monitoring taken up following a breach. This gives organizations—and their insurers—clues on how they should prepare for a breach, both in terms of costs and potential litigation.

“Despite the proportion of breaches in the health care industry growing, it seems that the finance industry still has the most to worry about in terms of consumer reaction and the impact of a data breach.”

Jan 27, 2023Chris Price

For latest tech stories go to TechDigest.tv

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__atuvc	1 year 1 month	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.
__atuvs	30 minutes	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.

Cookie	Duration	Description
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
disqus_unique	1 year	Set to record internal statistics for anonymous visitors.
uvc	1 year 1 month	addthis.com sets this cookie to determine the usage of addthis.com service.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
__gads	1 year 24 days	Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
skimGUID	10 years	Set by Slimlinks, this cookie is a unique identifier provided to each device for log analysis to determine the number of unique users for various parts of skimresources.com.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
_ir	session	This is a Pinterest cookie that collects information on visitor behaviour on multiple websites. This information is used on the website, in order to optimize the relevance of advertisement.
__gpi	1 year 24 days	Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.

Cookie	Duration	Description
wp_api	past	Description is currently not available.
wp_api_sec	past	Description is currently not available.
xtc	1 year 1 month	Description is currently not available.

Share this:

Like this: