It’s a sad fact that hospitals and health care systems continue to be a prime target for cyber criminals. But it’s the skyrocketing growth of cyberattacks on third parties such as business associates, medical device providers and supply chain vendors that currently poses one of the biggest – and often-neglected – challenges on the health care cyber risk landscape.
Fifty-five percent of health care organizations surveyed experienced a third-party data breach in the last 12 months, and seven out of the top 10 health care data breaches reported so far in 2022 involved third-party vendors. The biggest breach – which affected more than 30 health care providers and health insurance carriers, as well as 2.6 million patients – involved OneTouchPoint, a third-party mailing-and-printing vendor.
And this Top 10 list doesn’t even include other major attacks impacting health care, such as the one against Ultimate Kronos Group, the human resources and workforce management solutions provider, or Elekta, a third-party vendor of cancer treatment radiation therapy, radiosurgery and clinical management services.
Cyber criminals’ burgeoning interest in third- and fourth-party…
