HHS cyber arm warns of EHR vulnerabilities

The Health Sector Cybersecurity Coordination Center warns about the cybersecurity risks associated with electronic health records (EHRs) in a threat brief. EHRs contain valuable protected health information that can be exploited by cyber attackers. Stolen healthcare data is highly valuable, with an average breach incident costing $9.23 million in 2021. EHRs are a top target in healthcare breaches, with common threats including phishing attacks, malware, encryption gaps, cloud threats, and compromised credentials. The agency recommends evaluating risk, using VPN with multi-factor authentication, endpoint hardening, protecting emails and patient records, engaging cyber threat hunters, and conducting exercises to strengthen cybersecurity posture.