INDIANAPOLIS – The Indiana Attorney General’s Office says cyberattacks are on the rise in Indiana, and hospitals and health care providers are some of the biggest targets.
Cyberattacks like the one recently discovered at Eskenazi Health aren’t all that unexpected, according to Douglas Swetnam, section chief for the Data Privacy and Identity Theft Unit at the Indiana AG’s office.
“They have some of the most valuable information for criminals to use,” Swetnam said.
Hospitals are some of the biggest businesses of concern for getting breached since “they are easier targets,” Swetnam said.
“They have a lot of computer systems to take care of, and they are not as easy to cover as maybe a merchant who is only worried about a credit card machine,” he explained.
Swetnam said his team at the AG’s office works with some health care providers and other businesses to educate them about the protections they should have in place, such as two-factor authentication and encryption.
“And to back up data,” he added. “And store the data someplace that’s not online.”
Experts say there are actions patients can take, regardless of whether they know if their information has been involved in a cybersecurity breach.
“Unfortunately, when the information is out there and it has been breached, it is out there,” said Scott Shackelford, chair of Indiana University’s cybersecurity program.
Shackelford said patients can take the same precautions as businesses – like changing passwords – and should monitor their bills to look out for suspicious charges.
You can also consider freezing your credit, he added.
“That can actually help a lot,” Shackelford said. “It makes it very, very hard for somebody else to open up an account in your name.”
The Indiana Attorney General’s Office is monitoring the aftermath of the cybersecurity breach within Eskenazi Health, Swetnam said.
We reached out to Eskenazi Health for this story, but officials declined our request for an interview.