Sixty-eight percent of healthcare organizations have compromised email credentials — such as passwords — visible on the Dark Web, according to a report by Evolve IP and ID Agent.
For the report, titled Email Vulnerability in Healthcare, the organizations analyzed 1,000 healthcare organizations.
Here are six things to know.
1. The percent of healthcare organizations with compromised email credentials available on the Dark Web range from 55.6 percent to 80.4 percent, depending on industry segment.
2. The segment with the highest proportion of compromised email credentials was regional health plans, while the segment with the lowest was medical billing and collections organizations.
3. Hospitals (72.3 percent), health centers (72 percent) and healthcare providers (61.9 percent) also had a significant amount of compromised email credentials.
4. Over half (55 percent) of these email credentials were stolen during a data breach, although other mechanisms included phishing or key logging attacks.
5. The majority (86 percent) of stolen email records available for sale on the Dark Web had an associated password.
6. Users often change their passwords after a cyberattack, if they are made aware of it. However, "that does not limit their value," according to the report, since people tend to use similar passwords across platforms.
Click here to view the full report.