Critical Insight Healthcare Data Breach Report Jan-Jun 2021 Key Findings

Twice a year, Critical Insight analyzes the information about reported data breaches from healthcare organizations posted on the Department of Health & Human Services (HHS) website. This data comes from the mandatory reports that all organizations handling patient data have to make if they are victims of a data breach that discloses over 500 patient records.

The Healthcare Data Breach Report analyzing the HHS data from the first half of 2021 is now available to download for free. We recently held a well-attended 1-hour webinar to outline the report findings, and published a summary of the industry reaction to the report.

Key Findings from the Latest Breach Report

In this short blog, we'll outline the headline findings from the report. We won't go into detail as the report itself is a succinct 23-page read. 

The Number of Attacks is on an Upward Trend

The data for the last few years shows a clear upward trend in the number of healthcare organizations reporting data breaches. As this chart taken from the report clearly shows.

Healthcare Cybersecurity Breaches have doubled since 2018, and the rate is on an upward trajectory. We predict that the drop in reported breaches from the second half of 2020 will be an anomaly that will even out over time. The second half of 2020 saw delayed reporting of breaches from earlier in the year due to healthcare providers focusing on delivering care as the pandemic took hold. There was also a surge in Blackbaud ransomware attacks in the second half of 2020. The data for the last three years shows that the second half of the year has more reported breaches. We expect 2021 H2 to continue this trend. See the full report for more analysis of the trend, and the webinar for a wide-ranging discussion about the topic.

The Attack Targets are Changing

There is a clear trend in the data that shows cybercriminals changing their focus from hospitals to other targets. The chart below from the report clearly shows this change.

There has been a clear reversal in the attack targets, with Outpatient and Specialty Clinics accounting for 63% of the reported breaches. The following chart shows that business associates in the healthcare supply chain also had a marked increase in reported breaches.

The first half of 2021 saw 43% of hacking-related attacks involving a healthcare business associate, up from 24% in 2018. It's clear that cybercriminals have identified suppliers like this as an easier target than hospitals in the healthcare system. We can expect attacks against organizations other than hospitals to increase in the future.

What Attack Types Resulted in Data Breaches?

The HHS data breach data is granular. This allowed Critical Insight cybersecurity experts to dig down and report on what types of cyberattacks or other incidents were at the root of each breach. There were 327 reported breaches in the first half of 2021. From this total, the largest category is hacking & IT incidents at 235 breaches. The table below from the report gives the totals for five breach categories over the last few years.

The data in the table clearly shows that four of the category types recorded in the breach data have been consistent over the last few years. And that Hacking is responsible for the overall increase in breaches. This is a result of the general rise in cybercrime across all sectors, and the fact that many organizations in the healthcare sector need to bolster their cybersecurity protections.


The 2021 H1 Healthcare Data Breach Report provides a timely reminder that cybersecurity professionals tasked with defending healthcare provider's systems need to stay vigilant.

Critical Insight can help you with that task. Our cybersecurity professionals are focused on the threat landscape. These experts, combined with 24x7 monitoring teams based in our Security Operations Center (SOC), can deliver the cybersecurity expertise your healthcare organization needs to deal with cybersecurity threats.

Read the report, watch the webinar, and contact us to see how we can make your healthcare IT systems more secure.