For five days in July 2018, someone hacked the email account of an employee at cancer-testing startup Guardant Health and stole information that included names, Social Security numbers, birthdates, and medical diagnosis codes. The breach, involving about 1,100 patients, came to light when the company filed for its initial public offering with the Securities and Exchange Commission.
In 2015, the FDA warned that a networked infusion pump was vulnerable to being accessed and controlled by unauthorized users. Concerned that attackers could harm patients by altering their medication dosing, the agency warned healthcare facilities to discontinue its use.
The National Institutes of Health says 40 percent of IoT-linked devices will be health-related, more than any other category. A 2015 KPMG cybersecurity survey of providers and health plans reported that four in five healthcare organizations had been attacked in the preceding two years, and only half felt adequately prepared to fend off a future assault.
Two years later, things had not changed much. The KPMG 2017 Cyber Healthcare & Life Sciences Survey reported a dramatic rise in computer system breaches and data compromises since the 2015 study. Still, 43 percent of respondents had not increased their cybersecurity spending.