From Roll Call:
The health care sector suffered 466 incidents of cyberattacks and 304 instances of confirmed data breach, Verizon found.
…A majority of those incidents and breaches stemmed from “internal actors” or health care employees misusing their user privileges to access databases they should not be accessing, Verizon said in its report.
“Effectively monitoring and flagging unusual and/or inappropriate access to data that is not necessary for valid business use or required for patient care is a matter of real concern” for this industry,
The linked article reinforces what I have found. The majority of data breach incidents in medicine are not hacks but are internal or involve theft of hardware. However ransomware is still a growing problem.
The majority of the article is not medical but discusses government data breaches. These are mostly hacks and are mostly coming from hostile governments not from cyber criminals looking for a profit. It is an interesting and rather chilling read just to see what is happening in the cyber security world.
As an aside it seems government databases are under constant attack and are often breached. We hear little about this. That same government will fine a health care entity millions of dollars if they suffer a similar breach. Hmmm.