Cybercrime, as defined by Britannica, is the use of a computer as an instrument to further illegal ends. Most cybercrime is an attack on information about individuals, corporations, or governments.
- A new study has revealed a shocking rise in cyberattacks across the US, particularly targeting the healthcare and finance industries.
- The financial services industry is highly vulnerable to cyberattacks, experiencing 744 data breaches in 2023—a 177% increase compared to 2022.
- In 2023, data breaches in the financial industry affected an alarming 61 million individuals, underscoring the urgent need for enhanced cybersecurity measures.
The data from a study by SOAX.com revealed a shocking increase in cyberattacks from 2022 to 2023, with the finance and healthcare industries being hit the hardest - 117 million victims were impacted in total across both these industries in 2023. And, cybersecurity threats continue to evolve, posing a threat across all industries.
Data violation cases and victims due to cyberattacks in the US 2023, by industry:
Rank |
Industry |
Number of data violation cases |
Number of data violation victims |
1 |
Healthcare |
809 |
56,000,000 |
2 |
Financial services |
744 |
61,000,000 |
3 |
Professional services |
308 |
30,000,000 |
4 |
Manufacturing |
259 |
5,000,000 |
5 |
Education |
173 |
4,000,000 |
6 |
Technology |
167 |
65,000,000 |
7 |
Retail |
119 |
10,000,000 |
8 |
Non-profit/NGO |
105 |
10,000,000 |
9 |
Transportation |
101 |
12,000,000 |
10 |
Government |
100 |
15,000,000 |
11 |
Other |
81 |
4,000,000 |
12 |
Wholesale trade |
53 |
297,000 |
13 |
Hospitality |
45 |
6,000,000 |
14 |
Utilities |
44 |
73,000,000 |
15 |
Social services |
15 |
193,000 |
16 |
HR/Staffing |
10 |
239,000 |
17 |
Unknown |
1 |
0 |
18 |
Manufacturing and Utilities |
- |
5,000,000 |
Blank spaces are due to unavailable data.
SOAX.com also collected data on the number of data violation cases due to cyberattacks in the United States from 2020 to 2023 by industry and then, using this data, ranked the industries in order of vulnerability to attacks.
Top three data violation cases due to cyberattacks in the US, from 2020 – 2023, by industry:
Rank |
Industry |
2020 |
2021 |
2022 |
2023 |
1 |
Healthcare |
306 |
330 |
343 |
809 |
2 |
Financial services |
138 |
279 |
269 |
744 |
3 |
Professional services |
144 |
184 |
223 |
308 |
In 2023, 46 hospital systems in the US, comprising 141 hospitals, were impacted by ransomware, according to a tally from cybersecurity firm Emsisoft. That’s up from 25 hospital systems hit by ransomware in 2022, according to the firm.
Recently, two major American healthcare firms experienced ransomware attacks, which crippled their computer systems, disrupted patient care, employees’ pay and insurance processing and even caused ambulances to have to be rerouted. These attacks exposed the weaknesses in the US healthcare system’s defense against hackers.
As for the financial services industry, today’s hackers are coming up with ever more sophisticated schemes to relieve other people of their money. The financial sector is meeting the challenge; for example, 24 states have recently passed bills or resolutions related to cybersecurity and the SEC has issued new regulatory and compliance requirements for the financial sector. This is one reason that consumers trust the financial industry with their money.
However, the protections provided by financial services and healthcare companies are just the first step in protecting the public from cybercrime. Study after study shows that the weakest link in cybersecurity is human behavior.
Two factor authentication (2FA) is when the customer is sent a temporary code to their phone, which is needed to continue logging into their account. A prospective hacker would then need to have both the account credentials and access to the phone to gain entry to the account. Yet, many financial institutions have not yet instituted 2FA. Why? The customers find it inconvenient.
Medicare.gov does require 2FA and many healthcare companies are now implementing it.
Both the healthcare industry and the financial services industry are entrusted with our Personally Identifiable Information (PII). The inviolability of this information is threatened by both insider threats and accidental disclosures by employees or even the consumer himself.
A favorite tool for cybercriminals is social engineering. This is the use of social media platforms and phishing emails to either download malware or glean the information needed to access PII and account information.
We have outlined some tips to steer clear of these scams in previous blogs. Check out the below on our website: https://www.regardingyourmoney.com/blog.htm?ID=11648 and https://www.regardingyourmoney.com/blog.htm?ID=12484
Please always feel free to call (215-836-4880) or email the office
(ellend@regardingyourmoney.com) to set up an appointment to discuss any questions you may have. Or, visit us at regardingyourmoney.com
Sources: Steven Bowcut for CyberSecurity Guide, CNN, Journo Research