The healthcare industry was the victim of 8,000 data breaches in 2020, a 51% uptick over 2019, according to a new report from digital security firm Constella.

Constella writes:

Key Findings From 2020 Include:

  • Nearly 60% of the data breaches analyzed exposed some form of PII and 72% of these breaches included passwords.
  • Over 40% of executives from a sample of Fortune 500 companies in Energy and Telecommunications sectors were exposed in a breach over the last 5 years.
  • Fortune 500 companies in Energy and Telecommunications have had their corporate domains exposed in approximately 11k breaches/leakages since 2016, and over 40% of these exposures occurred since 2020, indicating worsening security of corporate credentials.
  • Out of a sample of 55 Fortune 500 Energy executives, nearly 1/4 have had their passwords exposed.
  • Constella observed the sale of vaccine doses—such as AstraZeneca, Pfizer, Moderna, and Sputnik—in multiple dark marketplaces ranging from as little as $8 to as much as nearly $850.
  • Crypto-Currency, News, and Healthcare industries saw 120%, 110%, and 51% increases (respectively) in breaches and leakages compared to 2019.
  • Compared to the findings in Constella’s 2020 Identity Breach Report, the price of personal records transacted in dark marketplaces increased significantly, including passports (+1,185%), and driver’s licenses (+328%), ID cards (+642%), possibly due to increased demand for false identification records during the pandemic.

“Threat actors continue to find new ways to target individual and company data due to new vulnerabilities created in times of uncertainty and crisis. PII continues to fuel malign activities in the digital ecosystem,” said Alex Romero, COO of Constella Intelligence. “Executives are specifically being targeted for their high-level access within organizations.”