The good news is that there was a slight drop in the number of incidents involving the unintended disclosure of records through errors such as misdirected e-mails, which went from 32% in 2014 to 24% in 2015. Beazley's data breach statistics were based on 777 incidents in 2014 and 1,249 in 2015.

As hackers show an increased interest in healthcare records, Hollywood Presbyterian Hospital reported a ransomware attack last month that ultimately had the hospital paying a ransom of $17,000 in Bitcoin, which is nearly untraceable. Ransomware attacks literally hold an institution's information hostage until the ransom is paid. Beazley projects ransomware attacks will increase 670% from 2014 to 2016.

"Healthcare is a big target for hackers because of the richness of medical records for identity theft and other crimes," explained Paul Nikhinson, privacy breach response services manager for Beazley. "In fact, a medical record is worth over 16 times more than a credit card record."

Related: Cyber crime: The gift that keeps on giving

Hackers will use Trojans, ransomware and other programs to access information. (Photo: Thinkstock)

Healthcare is not the only sector being targeted by hackers.

Colleges and universities have reported increasing incidents of "spear phishing," where hackers send personalized, seemingly legitimate e-mails that include harmful links or attachments. Because so many students and educators have access to campus IT systems and use social media, schools are particularly vulnerable to hackers.

Another target of hackers is the financial services industry, which saw a slight increase in 2015, up to 27% vs. 23% in 2014. Beazley's data shows that Trojan programs were a frequent mode of access.

The weakest link for most businesses and institutions continues to be their employees. However, companies can take steps to protect their data including:

• Training employees on the importance of protecting personally identifiable information and protected health information and how to avoid phishing attacks that might be used to access that data.
• Creating an incident response plan and testing it to identify vulnerabilities in the system. Plans need to be developed and practiced ahead of time from the initial intrusion to who will be notified and how the forensic investigation will be conducted.
• Beazley recommends categorizing data risks by threat level, since over-reacting to a breach can be as harmful as under-reacting. Different breach events will require a tailored response to that threat.
• Taking a careful look at supplier contracts for any companies that handle or have access to your customers' data. It should be protected by anyone with access and your company could still be liable if there is a data breach.
• Password protecting computers and mobile devices, and encrypting data on any devices including thumb-drives and laptops.

Related: Hacked! The cost of a cyber breach, in 5 different industries

Don't forget to give us a like on Facebook.

Want to know more about cybercrime? Then join us at America's Claims Event (ACE), June 22-24, where you'll find solutions to the challenges you and your team face daily. From technology to customer service to fraud and litigation, this two-day networking and educational conference is designed for claims professionals. Register to attend and save $350.