Data Breach Outlook: Healthcare Most Breached Industry in 2024
When it comes to security, 2024 was unfortunately a standout year for the healthcare sector. Kroll found that the healthcare industry was the most breached, had fairly immature incident response practices, and unfortunately suffered numerous cyberattacks culminating in a year that left healthcare boards thinking deeply of the overall risk to their businesses.
The ransomware breach and data exfiltration on Change Healthcare in February of last year demonstrated the widespread disruption a breach can cause due to the interconnectedness of systems today. Though Kroll did not handle the Change Healthcare breach response, Kroll assisted with numerous large third-party breaches and saw firsthand the impact to organizations recovering from these incidents.
Healthcare Overtakes Finance as Most Breached Industry
In 2024, healthcare was the most breached industry, accounting for nearly a quarter (23%) of breaches handled by Kroll, compared to 18% in 2023.
While in the spotlight for 2023, the finance sector dropped to second place. However, the difference between most and second-most breached industry is very small.
Targets Remain Consistent for Data Breaches
While it seems the finance and healthcare sectors will continue vying for first and second place in the most-breached chart, the shifts—or lack thereof—among the rest of the industries perhaps tell a story about the tactics of threat actors.
There was a significant drop in the number of data breaches in the technology sector, down by 46% compared to 2023. This could be due to the extensive impact of the CLOP ransomware gang’s exploitations of the MOVEit Transfer vulnerability we saw in 2023 diminishing.
The healthcare industry is a target-rich environment and companies need to be looking at their medium-and long-term programs to ensure they can remain safe and secure. Understanding who your adversaries are, and what their capabilities are, is key. From there, you can build a comprehensive risk strategy to understand the edges of your exposure, take down what you can and understand what you can’t.
Percentage of Data Breaches From 2022 to 2024, by Industry
New Credit Card Fraud Remains Most Prevalent
When looking at the identity theft trends and how victims are being targeted, one method in particular continues to be the most common: new credit card fraud. This type of identity theft has been prevalent for years, partially due to the ease of creating these types of fraudulent accounts. Consumer protections such as credit freezes are available but still under-utilized.
New cellphone fraud and auto loan account fraud were also trending in 2024. Interestingly, there was a significant decrease in utilities fraud.
Percentage of Kroll Identity Theft Cases by Type of Fraud
Stay Ahead with Kroll
Identity Monitoring
Kroll’s unique combination of identity monitoring services can detect more types of identity theft than credit monitoring alone, providing practical help to combat identity theft and fraud.
Data Breach Call Center Services
A notification letter can generate lots of questions for those affected by a data breach. Kroll’s call center services are provided by skilled representatives who know how to handle difficult questions and stand at the ready to serve your breached population.
Data Breach Notification Services
Kroll’s data breach notification, call centers and monitoring team brings global breach response expertise to efficiently manage regulatory and reputational needs.
Cyber and Data Resilience
Kroll merges elite security and data risk expertise with frontline intelligence from thousands of incident response, regulatory compliance, financial crime and due diligence engagements to make our clients more cyber resilient.