68 percent of Healthcare Organizations Have Compromised Email Credentials

By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow

A study from the cloud services provider, Evolve IP suggests that over two-thirds of all healthcare organizations have employees using compromised email credentials. An article over on Healthcare IT News explains how Evolve IP determined these findings.

The study found that 55 to 80 percent of organizations have email accounts that have been compromised. Looking at the email accounts with comprised credentials, 76 percent included “actionable password information for sale on the dark web.”

The stolen passwords being sold on the dark web are generally purchased as encrypted passwords, however the encryption is weak enough that hackers are typically capable of cracking them. Although most passwords sold online contain some level of encryption, 23 percent are found for purchase in clear text.

Though hackers gain access to the system through both phishing and key-logging attacks, these vulnerabilities can lead to much larger issues, such as ransomware or denial of service attacks as well as patient data breaches.

How did Evolve IP come up with these findings? The study looked at 1,000 HIPAA-covered entities as well as business associates. Although the passwords were outdated for most compromised accounts, they remain valuable to hackers. With over 75 percent of people using either identical passwords or very similar passwords across the board for online activities, hackers can benefit greatly from outdated password information.

“By understanding the types of changes people make to their passwords over time, hackers can create a user profile and determine a person’s new password fairly accurately by using simple guessing or sophisticated automated algorithms.”

Diving deeper into the healthcare organizations with comprised credentials we can see that some sectors are more secure than others when it comes to password protection. For example, medical billing and collections had the fewest compromised user credentials, while regional healthcare plans had the most with 80.4 percent of organizations having compromised login information.

“The overwhelming majority of these organizations used cryptographically hashed passwords, which researchers explained are inadequate for today’s cybersecurity challenges. Hackers have many tools that can easily crack these types of passwords.”

With healthcare organizations being the biggest target for hackers, it is vital that employees understand the need for email safeguards.

“63 percent of breaches are caused by compromised email credentials. And about 7,500 individual security incidents occurred due to these compromises.”

According to the CEO of ID Agent, Kevin Lancaster, companies are not successfully protecting their customers from having their online accounts taken over or their data exploited. He explains that there needs to be a solution to automatically identify stolen credentials as well as secure customer’s accounts before it is too late.

Founder and managing partner of tw-Security, Tom Walsh says two-factor authentication is one way to prevent a cyber breach.

“We’re trying to advocate a principle of privacy: It’s called the minimal necessary-privacy,” Walsh said. “The principle of least privilege, in the security world, the idea is the same: Only give access to information as it’s appropriate in order for someone do their job function.”

This article was originally published on HIPAA Secure Now! and is republished here with permission.