There are currently over 13 billion records originating from data breaches that are accessible on the dark web, a marketplace for cybercriminals to sell, trade and use stolen data to attack both individuals and organisations.1 This statistic indicates that nearly everyone has experienced a breach of some kind. Although this does not mean that we will all become victims in a worst-case scenario, it does mean that we are all potential targets.
Since most successful attacks come through e-mail and more than 90% of cyberattacks start with phishing, it is easy to see why anyone with an e-mail address must act to assess the legitimacy of e-mails.2 Cybercriminals exploit human weaknesses by using social engineering tactics to trick individuals into granting access or providing login credentials.
Why are dental practices at risk?
Small and medium-sized businesses, including dental offices, often assume that they are too small to be on a hacker’s radar, but cybercriminals are aware of this mindset and exploit it. This view-point is understandable, as cybersecurity seems to be a concern only for large corporations. The reality is that dental practices handle sensitive data—patient records, financial information and health histories—all valuable to cybercriminals. This type of data can be sold on the dark web, used to steal identities or leveraged to extort the practice and its patients. Unlike large companies, many dental practices lack the resources for advanced cybersecurity, and small businesses generally do not have the same defences as larger enterprises, making them more vulnerable.3 Considering that over thirteen billion stolen records are now on the dark web, every organisation, no matter its size, is a target.4
The high stakes of a cyberattack
If you are wondering what the worst is that could happen from a hack, consider the following:
- Financial losses: The cost of recovering from a cyberattack can be staggering. For the healthcare industry, including dental practices, the average cost per record in a data breach is reported at approximately US$429 (€412*), according to IBM’s Cost of a Data Breach Report 2024.5 This figure reflects several factors, such as notification, recovery, regulatory expenses and lost business. Healthcare, having stringent data privacy requirements, typically incurs the highest breach costs across industries.
- Reputation damage: Trust is the foundation of your relationship with patients. If their personal data is compromised, that trust can be damaged, leading to loss of patients and a tarnished reputation that is challenging to rebuild.
- Privacy compliance violation: Privacy regulations vary globally, but healthcare providers universally have an obligation to protect patient data. Non-compliance can result in significant fines and legal issues, particularly regarding the US Health Insurance Portability and Accountability Act of 1996 and Regulation (EU) 2016/679 EU (General Data Protection Regulation).
Operating systems and the cloud—understanding the risks in your technology environment
There is no one-size-fits-all cybersecurity solution for dental practices. Operating systems and the cloud introduce varying cybersecurity risks:
To post a reply please login or register