The sickening truth: Healthcare data breaches reach all-time high

If your healthcare data hasn’t been breached in 2024, then you either don’t know it yet or should consider yourself very lucky. That’s because 2024 was a nightmare year for healthcare institutions and patients in the US. A total of 184,111,469 records were breached. That’s 53% of the 2024 population of the United States. This staggering figure represents a significant increase from previous years, setting a new and alarming record in healthcare data breaches. The healthcare sector faced unprecedented challenges in cybersecurity, with attacks becoming more frequent, sophisticated, and damaging than ever before.

 

 

 

Health check or data leak?

Being admitted to a hospital is stressful enough. It caused additional stress for the 100 million clients of Change Healthcare, whose data was exposed following a breach orchestrated by the BlackCat ransomware group. Not only did the breach expose sensitive health information, but it also caused widespread disruptions in claims processing. Patients and providers across the country faced chaos as the breach impacted their ability to access and pay for healthcare services.

The second significant breach occurred at Kaiser Foundation Health Plan, where the personal data of 13.4 million individuals was compromised. This breach involved unauthorized access and the use of tracking technologies that transmitted user interactions to third parties. 

 

HACKERS CLAIM MASSIVE BREACH OF COMPANY THAT TRACKS AND SELLS AMERICANS’ LOCATION DATA

 

Your health data gets breached, so what?

You’ll receive a notification letter, although be aware that it may take months before it reaches you (as was the case for victims of the Ascension Health data breach). The consequences are real and can be very painful. Medical identity theft directly affects patients’ health and safety. It happens when criminals use stolen personal health information to obtain medical services or medications under another person’s name. It can result in incorrect medical records being created that can include inaccurate diagnoses, allergies, or treatments. And, you guessed it, it can also result in financial repercussions, such as patients getting fraudulent claims and bills for services they did not receive. Resolving these issues with insurers and healthcare providers takes time and mental strength. And you’re probably not in a hurry to see your breached healthcare provider ever again. That’s normal. A study has shown that up to 54% of patients consider switching providers after a data breach.

 

ARE DATA BROKERS ENDANGERING YOUR RETIREMENT SECURITY?

 

When health data gets into the hands of data brokers

Sensitive health information can easily be combined with personal identifiers from data brokers, creating comprehensive profiles that criminals can exploit. As a reminder, data brokers are companies that specialize in collecting, processing, and selling personal information from various sources, including public records, online activities, and social media. They aggregate this data to create detailed consumer profiles that can be sold to marketers, insurance companies, and other entities for various purposes. The more detailed the profile, the higher the chance of identity theft and potential discrimination in employment and insurance. Employers might make hiring decisions based on perceived health risks, while insurers could deny coverage or increase premiums.

 

THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION

 

Wash your hands, remove your data

You can’t prevent a data breach, but you can minimize its consequences by reducing your digital footprint overall.

1) Set your social media to private: Restrict access to your personal information and limit what strangers can see about your life and potentially your health status. Ensure your privacy settings are robust and regularly updated to prevent unauthorized data collection.

 

2) Remove your personal data from data brokers’ databases: Either by searching for your name on people search sites and requesting removals, one by one, or by using a data removal service. Data removal services automate data removals for you and let you track where exactly your data has been found and whether it was removed. Not only on people search sites, which are public data brokers, but also on hidden, private databases where you can’t look yourself up (and these are the worst).  Once your data is removed, data removal services monitor data brokers for your data and remove them again as needed (because they have a tendency to be re-listed after a while). This way, you prevent data broker companies from compiling a full profile on you and selling it to the first bidder, whether that’s a hacker, a marketing agency, or an insurance company.

A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.

Special for CyberGuy Readers (60% off):  Incogni offers A 30-day money-back guarantee and then charges a special CyberGuy discount only through the links in this article of $5.99/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan and get a fully automated data removal service, including recurring removal from 190+ data brokers. You can add up to 3 emails, 3 home addresses and 3 phone numbers (U.S. citizens only) and have them removed from data-broker databases. I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.

Get Incogni here

Get Incogni for your family (up to 4 people) here

 

3) Delete all unused apps on your phone: Unused applications can be hidden gateways for data leakage and potential security vulnerabilities. Regularly audit and remove apps that you no longer use or need.

 

4) Check the permissions of the ones you want to keep: Review each app’s access to your personal data, location, and device features to ensure you’re not inadvertently sharing more information than necessary. Be particularly cautious with health and fitness tracking applications.

 

5) Use a VPN (Virtual Private Network) when browsing: Encrypt your online activities and mask your digital location to add an extra layer of anonymity and protection. A reliable VPN can help shield your personal information from potential interceptors and data miners.  See our picks fro best VPN here.

 

Kurt’s key takeaways

The reality of healthcare data breaches is daunting, but it’s not entirely out of your control. While you can’t prevent breaches from happening, you can take steps to minimize the risks and protect your personal information. Think of it as adding locks to your digital doors—set your social media to private, use a VPN, and clean up unused apps. Remember, the less information you leave out there, the harder it is for bad actors to exploit it. Stay vigilant, and don’t let your data become someone else’s advantage.

How do you feel about the growing risks to your personal information, and what steps have you taken to protect your data? Let us know in the comments below. 

FOR MORE OF MY TIPS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

 

This article was created in partnership with Incogni 

Copyright 2025 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

Related posts

How cyberscams are draining Americans wallets by the billions

Don’t fall for that sneaky iCloud storage alert in your inbox

Top translation apps for travelers

8 comments

DiAnne W. January 23, 2025 - 6:12 am
Back in November I get a letter from DOJ. It contained a new Medicare number. It stated that my medical info was part of a breech that occurred 9 months ago. This was the first time that I even knew about it. So, if it takes that long to be notified then why does our “government” wait so long to notify me? I’ve gotten 3 letters from various medical groups letting me know they had been breached. The letters said that they would provide me “free” monitoring. All of these letters and emails said it occurred over a 9 month period. Almost everyday I get phone calls or emails from different groups offering different benefits. I don’t respond to the emails. I have caller ID on my home phone and have quit answering my phone if I don’t recognize the number or company. I have my iPhone settings to mark spam on unknown numbers. These breaches shouldn’t happen in the first place, but taking this long to notify you of the breach.
Marianne O. January 23, 2025 - 6:28 am
I refused service by a physician provider whose practice insisted on having my social security number before the doctor would see me. My health coverage is Medicare. There is no need for my social security number.
Orayneri January 23, 2025 - 7:00 am
I've been getting all kinds of scam emails that look real. It has gotten to the point that I don't trust anything I receive unless is from someone I know or a business I'm already familiar with. I know my name and email have been compromised on the Dark Web already.
Brian January 23, 2025 - 7:00 am
Worked for Ascension last year. What a horrible mess. Scammers wouldn't take $ - took untraceable bitcoin instead (I heard it was $70M in value). Very good post, as always!
Victoria January 23, 2025 - 12:37 pm
Thanks, I took your advice and got Incogni it works well..After alot of years, yes your information is out there..I would recommend it to anyone..Next I'm going to pick a VPN...I need a new phone, what's better Android or IPhone?
Kurt Knutsson January 23, 2025 - 1:22 pm
Great to hear you've been seeing the benefits of Incogni. Choosing between an Android and an iPhone can be a tough decision, as both have their own strengths and weaknesses. iPhones are known for their smooth and intuitive user interface, seamless integration with other Apple products, strong emphasis on privacy and security, regular software updates, and high-quality apps. However, they tend to be more expensive and offer limited customization options compared to Android devices. On the other hand, Android phones offer a wide range of devices at different price points, highly customizable interfaces, excellent integration with Google services, and various hardware options like expandable storage and headphone jacks. However, software updates can be inconsistent, and security is generally considered less robust than iOS. Ultimately, the best choice depends on your personal preferences and needs. If you value a seamless ecosystem, regular updates, and strong security, an iPhone might be the way to go. If you prefer customization, variety, and better integration with Google services, an Android phone could be a better fit. Please see our articles on best Android phones to consider as well as best iPhones to consider. As for VPN recommendations, you can find our top picks here.
Frances January 25, 2025 - 8:20 pm
First thing that should be done that no one NEEDs your SSN. If someone say they do they're lying. I've had numerous physicians request it and I leave the space blank or inform them of the Data breaches etc. that even the FBI are informing people not to carry SSN anymore and to give it out, which is true. If the provider insists go to another provider. No one can keep our info secure and private. Not the government, which they're proven more than once, not hospitals, not physicians office. No one. So why give out your identity? Just don't! Thanks again for such valuable info. Now it only we could educate doctor's and more about not asking for our SSNs.
Frances January 25, 2025 - 8:25 pm
I also signed up for Incogni and they have removed a great deal of info from entities I've never heard of. I also have a paid VPN on my pc and phone. Thanks again!!
Add Comment