7 Major Cyber Security Incidents Targeting the Healthcare Industry

Nowadays, cyber attackers are after money and information from as many people as possible. Therefore, the areas where the most personal information is collected become targets. Each person's data is unique to them, and people cannot easily change some of this information, such as credit card, phone number, and identity information.

This article lists and describes the most significant cyberattacks in the health sector. Enjoy reading.


1. Anthem Medical Data Breach

Anthem BlueCross BlueShield, a health insurance company, was exposed to a massive cyberattack in February 2015. Attackers stole the data of 78.8 million people in this attack. The company's CEO stated that the company had faced a very sophisticated attack. Attackers gained unauthorized access to the IT system. They leaked a large amount of personal data, such as names, birthdays, medical IDs / social security numbers, street addresses, e-mail addresses, and income data of current and former members.

According to the investigation, the data breach began on February 18, 2014, when a user at one of Anthem's subsidiaries opened a malicious phishing e-mail.

Opening the e-mail initiated the download of malicious files to the user's computer and allowed attackers to gain remote access to this computer and dozens of other Anthem systems, including Anthem's data center.

Attackers used at least 50 accounts in the Anthem corporate network, and eventually at least 90 different systems were compromised, including the data center. The compromise of this data center led to the leak of data on 78.8 million users.

After the data breach, Anthem carried out more penetration tests on its network and systems and allowed users to reset all their passwords. They also added two-factor authentication to their systems.

2. American Medical Collection Agency

AMCA stated that it was subject to a massive cyberattack in an estimated period from August 1, 2018, to March 30, 2019. The attack affected approximately 25 million people and 18 healthcare providers.

After the breach was discovered, an investigation started on March 21, 2019, to determine the attack's scope. It found that the attackers had unauthorized access to AMCA's payment system for about eight months. The attackers were also able to leak a great deal of critical patient information, such as financial information and Social Security Numbers.

AMCA's data breach was the most significant data breach since the one experienced by Anthem, the breach of 79.7 million discovered in 2015.

After this breach, AMCA sent letters to all customers to report it. The cost of these letters was $3.8 million.

Here is the complete list of companies affected by AMCA's data breach:

Affected Provider | Leaked Data Amount

Quest Diagnostics
Clinical Pathology Associates
American Esoteric Laboratories
Sunrise Medical Laboratories
BioReference Laboratories
CBLPath Inc
Laboratory Medicine Consultants
Austin Pathology Associates
South Texas Dermatopathology
Pathology Solutions
Penobscot Community Health Center
Seacoast Pathology Inc
Arizona Dermatopathology
Western Pathology Consultants
Laboratory of Dermatology ADX. LLC

3. Premera Blue Cross

The Premera Blue Cross incident became one of the biggest breaches in the healthcare industry, with the company announcing the theft of personal, financial, and medical information of more than 11 million customers. Research on this attack revealed that the first attack started on May 5, 2014.


The attack started with the opening of phishing e-mails and the subsequent download of the malware contained in these e-mails, just like the attack on Anthem Medical. This malware was an advanced threat that could not be detected. Attackers stole a great deal of personal information, such as customers' names, addresses, birth dates, and e-mail addresses.

After this attack, a federal district judge approved a proposed $74 million deal to settle a consolidated class action for 11 million records against Premera Blue Cross. According to the agreement, Premera Blue Cross will allocate $32 million for people affected by the breach, and $10 million of this $32 million will be spent to cover the costs of the breach. The remaining $42 million will be used to improve company security.


4. Excellus BlueCross BlueShield

Excellus BlueCross BlueShield took its place as the third among the attacks against the health sector in 2015. The data leaked from the company as a result of this attack is said to have reached 10.5 million records. Of these records, 7 million are from health plan members, and the remaining 3.5 million are from Lifetime Healthcare Companies, the holding company of Excellus.

The stolen data includes a great deal of critical personal information, including customers' names, dates of birth, social security numbers, e-mail addresses, phone numbers, and identity numbers.

According to the Excellus BCBS statement, this was a complex cyberattack. Investigations indicated that the attackers first started the attack on December 23, 2013, and that it continued unnoticed from then on. It was emphasized that the attackers had unauthorized access to the company's Information Technology Office and obtained data from there.

As a result of this attack, victims of the breach brought class actions against the company over the leak of personal and health information. After the lawsuits, Excellus reported that it lost around 100,000 customers in 2015. The cost of the attack is stated as $17.3 million.


5. Science Applications International Corporation

The breach occurred in September 2011, with the theft of tapes containing 4.9 million people's information. The tapes were stolen from a SAIC employee's car while being transported between federal facilities on behalf of TRICARE.

As a result of this incident, class actions were filed against SAIC for privacy violation.


6. Blackbaud

As has happened many times before, it was a third-party company that caused the biggest healthcare service providers to suffer data breaches. The Blackbaud ransomware attack affected so much data and so many people that the exact number is still unknown. However, according to estimates, the figure is approximately 10 million patients. Investigation into the background of this attack indicated that the attackers made preparations at least three months in advance to seize the system. In its reports published after the attack, Blackbaud announced that the names, contact information, various health information, and bank card information registered in the system were leaked. Later, the Securities and Exchange Commission reported that patients' social security numbers were revealed. As a result of all this, Blackbaud suffered a loss of $6 million and was also audited by HHS and state and federal regulators.


7. DCA Alliance

In the Dental Care Alliance breach reported in December 2019, a cyberattack lasting more than a month leaked the health information and credit card information of approximately 1 million patients. This company is also a support vendor located in 20 US states and working with over 300 applications. An investigation was started after suspicious activity was detected in the DCA corporate network. The investigation determined that the hackers entered the company network on September 18, and this connection continued until October 13. Although the investigations continue, it has been found that names, contact information, health information, treatment information, patient account numbers, bank account numbers, and much other information have already been leaked. Later, approximately 10% of the patients saw that their bank account numbers were violated. DCA's general consultant Dave Quigley announced in a statement to Databreaches.net that the violation was reported to all relevant institutions. The 1,004,304 people whose information was leaked were informed by letter.


In today's world, technology brings harm as well as benefits. In this article, we tried to convey some of the consequences of this harm and how the incidents happened. Of course, where there is a problem, there is also a solution. The solution is to have penetration tests performed regularly on your company and the institution you are affiliated with. Without these tests, you will lose time and money in case of a breach. I hope you secure your systems before it is too late. Safe days!