Basic human error continues to beset this industry as it has for the past several years. The most common Error continues to be Misdelivery (36%), whether electronic or of paper documents. Malicious Internal actions, however, have dropped from the top three for the second year in a row. Financially motivated organized criminal groups continue to target this sector, with the deployment of Ransomware being a favored tactic.
655 incidents, 472 with confirmed data disclosure
Miscellaneous Errors, Basic Web Application Attacks and System Intrusion represent 86% of breaches
External (61%), Internal (39%) (breaches)
Financial (91%), Fun (5%), Espionage (4%), Grudge (1%) (breaches)
Personal (66%), Medical (55%), Credentials (32%), Other (20%) (breaches)
Top IG1 Protective Controls
Security Awareness and Skills Training (14), Secure Configuration of Enterprise Assets and Software (4), Access Control Management (6)
Since 2019, the Healthcare sector has seen a shift from breaches caused by Internal actors to primarily External actors. This brings this vertical in line with the long-term trend seen by the other industries. This is good news actually, as no industry wants their employees to be their primary threat actor. While one of the top patterns for Healthcare continues to be Miscellaneous Errors, with Misdelivery being most common, at least errors are not malicious in nature (Figure 105). The insider breaches that were maliciously motivated have not shown up in the top three patterns in Healthcare for the past several years. But does this mean they are no longer occurring, or are they still around but we just aren’t catching them (like Bigfoot)? Only time will tell.
For the second year in a row, we have seen Personal data compromised more often than Medical in this sector. That strikes us as strange, given the fact that this is the one sector where you would expect to see Medical information held most commonly. However, with the increase of External actor breaches, it may simply be that the data taken is more opportunistic in nature. If controls, for instance, are more stringent on Medical data, an attacker may only be able to access Personal data, which is still useful for financial fraud. Simply put, they may take what they can get and run.