Data breaches cost an average of $10M

As more healthcare tasks and information go digital, the risks and costs of data breaches have risen to the tune of $10 million for healthcare companies.

That’s the average cost of a data breach, according to IBM’s annual Cost of a Data Breach Report, based on in-depth analysis of real-world data breaches experienced by 550 organizations globally between March 2021 and March 2022. 

Breach costs have risen 13% over the last two years, and the increase could be passing down through the economy in the form of higher prices for goods and services, the findings revealed. In fact, 60% of organizations in the study raised the prices of their products or services due to a data breach.

According to the findings, healthcare data breaches were the costliest of any industry, averaging a record high of $10.1 million. That’s up nearly $1 million, and it marks the 12th consecutive year of the report in which healthcare has topped all industries for the cost of a data breach.

"Businesses need to put their security defenses on the offense and beat attackers to the punch. It's time to stop the adversary from achieving their objectives and start to minimize the impact of attacks,” Charles Henderson, global head of IBM Security X-Force, said in a statement. “The more businesses try to perfect their perimeter instead of investing in detection and response, the more breaches can fuel cost of living increases.”

Part of the problem is that healthcare organizations, like those in other industries, may be too trusting of their infrastructure. Twenty-eight percent of breaches among the critical infrastructure organizations studied came from ransomware and destructive attacks. Additionally, the threat actors attacking these organizations are seeking to disrupt global supply chains, including healthcare, the report warned.

Phishing is also a top cause of data breaches, accounting for 12% of breaches in the report. While it’s the second most common cause of breaches, it has become the costliest, with breach costs averaging $4.91 million for responding organizations across industries.

Once organizations are breached, they often face a choice of whether or not to pay the attackers a ransom, and both options come with a cost. Average ransom costs reached $812,000 in 2021, and businesses that opt to pay the ransom could net higher costs overall as a result of the breach. Plus, the ransom payment could supply capital that funds future attacks. Across industries, a cyber breach averages $3.8 million in cost to an impacted organization.

Amy Baxter
