Could your identity be stolen at your next doctor's appointment? About 30 million Americans have had their personal health information breached or inadvertently disclosed since 2009, according to cybersecurity company Redspin. And that's just the number of breaches reported to the U.S. secretary of Health and Human Services.
Cyberthieves aren't interested in medical conditions and prescriptions. Instead, they target billing and insurance records, which house valuable data including Social Security numbers, addresses and credit card info—all in one place.
According to a study released this month by the Ponemon Institute, cybercriminal attacks on health-care organizations, like hospitals and clinics, are up 100 percent during the past three years.
The institute's first study of patient privacy and data security in 2010 found 20 percent of those surveyed had experienced a breach. In 2013, 40 percent had experienced a breach, according to the institute, a research center on information security policy.
"A financial identity can be worth $5 to $10 if you have all the info. A medical identity can be five to 10 times that amount just because how easy it is to monetize that information once that bad guys get it," said Robert Gregg, chief executive of ID Experts, a cybersecurity firm that sponsored the Ponemon Institute survey.