Help with HIPAA Compliance
Help with HIPAA Compliance
Helping you understand the complexities of compliance under the HIPAA Security and Privacy Rules. Our team of experts in regulatory compliance can answer any questions you may.
Colington Consulting

FBI Warns Healthcare Providers About Cybersecurity Risk

5/10/2014 6:11:11 AM   |   Comments: 0   |   Views: 2786
Here is a repost of a recent article that appeared in the Homeland Security News Wire:

FBI warns healthcare providers about cybersecurity

Published 7 May 2014

The FBI has issued a private industry notification (PIN), warning healthcare providers that their cybersecurity networks are not sufficiently secure compared to the networks of the financial and retail sectors, making healthcare systems even more vulnerable to attacks by hackers seeking Americans’ personal medical records and health insurance data. Healthcare data is as valuable on the black market than credit card numbers because the data contain information that can be used to access bank accounts or obtain prescription for controlled substances.

Insurance Journal notes that some criminals are combining stolen medical information with credit card data, making it easier to conduct identity theft. A package of stolen consumer data, known as “fullz” or “kitz” on underground exchanges, can sell for $1,000 or more.

According to the PIN, “the healthcare industry is not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely.” The notice did not mention, which has been criticized for its own security flaws, but it did urge recipients to report suspicious or criminal activity to local FBI bureaus or the agency’s 24/7 Cyber Watch.

A series of reports from the private sector have urged healthcare systems to upgrade security measures, but security experts applaud the FBI for issuing its own warning. “I’m really happy to see the FBI doing this. It’s nice to see the attention,” said Shane Shook, an executive with Cylance Inc., a cybersecurity firm.

Retailers and financial institutions have boosted their cybersecurity programs, most recently due to the Target and Neiman Marcus data breaches in which hackers stole millions of customer’s payment card numbers and data. As the supply of stolen payment card data increases, the value of information from those cards is decreasing, leading to an increase in demand for other types of stolen customer information.

It tends to take longer for consumers to realize that their medical information has been stolen or compromised, so medical information remains in strong demand in underground markets. Cybersecurity firm Dell SecureWorks notes that cyber criminals were getting paid $20 for health insurance credentials, compared with $1 to $2 for U.S. credit card numbers prior to the Target breach.

The two-page PIN cited a February 2014  report from SANS Institute which warned that the healthcare industry was ill-prepared to fight growing cyber threats, citing hundreds of attacks on radiology imaging software, video conferencing equipment, routers, and firewalls.

More Like This

Total Blog Activity

Total Bloggers
Total Blog Posts
Total Podcasts
Total Videos


Townie Perks

Townie® Poll

Do you allow parents into the operatory?

Site Help

Sally Gross, Member Services
Phone: +1-480-445-9710

Follow Dentaltown

Mobile App



9633 S. 48th Street Suite 200 • Phoenix, AZ 85044 · Phone: +1-480-598-0001 · Fax: +1-480-598-3450
©1999-2019 Dentaltown, L.L.C., a division of Farran Media, L.L.C. · All Rights Reserved