Report Spotlights Medical Infrastructure, Utilities as Primary Cyber Targets

Violka08/Getty Images

A report from TransUnion documented the industries that most suffered from cyberattacks in the end of 2022, and recommended mitigation measures.

As the Biden administration launches its first National Cyber Strategy, a national survey has found that 22 million Americans were impacted by 321 reported data breaches in the fourth quarter of 2022 alone, which also stands to impact public sector entities. 

Consumer credit agency TransUnion unveiled a new report documenting the current risk of data breaches in public organizations’ digital networks. Some of the compromised data TransUnion documented as part of the recorded cyberattacks include medical identity information, government document fraud and tax refund identity theft. 

Among the industries TransUnion researchers analyzed, medical industry systems were found to have suffered the most damage in terms of affected customers on the state level. 

“The highly sensitive personal and medical information contained in electronic health records is an attractive target for cybercriminals,” the report reads. “State health officials must be vigilant in protecting against the persistent threat of illicit access to individuals’ medical information in furtherance of crime.”

The report recommends fundamental cybersecurity protocols, such as identity verification and multifactor authentication systems, to reduce the risk of identity theft and fraud. 

Phone and utility fraud ranked next in risk level of breaches, despite a decline in affected consumers. TransUnion researchers note that while the number of impacted customers may have fallen, the complexity and severity of data breaches within the utilities sector has grown.

Jeff Huth, the senior vice president of Public Sector at TransUnion, said that this report should help governments at the federal, state and local levels prioritize sectors targeted by cyberattacks and implement sufficient prevention measures. 

“Our recommendation for government agencies is to ensure their identification and device proofing capabilities are optimized to detect and prevent fraud and further victimization,” he told Nextgov

TransUnion’s report follows just after the release of the new National Cyber Strategy that will work to fortify the nation’s digital systems through mandatory baseline cybersecurity requirements, among other government-led strategies. 

Critical infrastructure was highlighted in the strategy as a key focus area, a decision supported by TransUnion’s analysis of high cyberattack risk within utilities companies and the medical industry.