As long as healthcare organizations continue to use email, cybercriminals will find new ways to exploit security gaps, software bugs, and basic human nature to extort millions of dollars from their victims. In just the first six months of this year, Becker’s Hospital Review has noted more than 65 separate incidents of malware, ransomware and phishing attacks on healthcare providers, ranging from Alaska and Hawaii to Florida and Maine. These attacks affected more than 1.14 million patient records in just the cases that released statistics; the true number of those affected is much higher. While one-third of these attacks are specifically noted as being email-related, again, the true number is likely much higher.
The COVID-19 crisis has changed the way we approach data privacy and email security. The necessary and accelerated transition to working from home has been accompanied by a growing surge of Coronavirus-themed phishing scams and spoofed websites used to distribute malware or lure victims into providing confidential information.
The COVID-19 pandemic’s global spread has paved the way for threat actors to unleash the most widely-used cyber threat in recent memory. And healthcare entities are the most frequent target.
Office 365 is one of the world’s most commonly used software packages -- it’s in use by more than 1 million companies worldwide. The software suite announced more than 200 million individual users back in October 2019 and is adding about 3 million users each month.
Staying informed of the latest data privacy regulations as they apply to healthcare can be challenging. Not only are there a plethora of different security and retention requirements, but the risk of failure is higher than in any other sector: