Close Menu

    Subscribe to Updates

    Get the latest tech news from Tallwire.

      What's Hot

      Digital Lockdowns or Lost Opportunities? The Hidden Cost of Social Media Bans on Education

      July 16, 2026

      Social Media Ban Proposal Sparks Fears of Collateral Damage for Educational Technology Firms

      July 16, 2026

      Washington’s Intel Gamble Begins Delivering Strategic Results

      July 16, 2026
      Facebook X (Twitter) Instagram
      • Tech
      • AI
      • Get In Touch
      Facebook X (Twitter) LinkedIn
      TallwireTallwire
      • Tech

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026
      • AI

        Washington’s Intel Gamble Begins Delivering Strategic Results

        July 16, 2026

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Record Industry Pushes for AI Labels on Streaming Music

        July 15, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026
      • Security

        Social Media Ban Proposal Sparks Fears of Collateral Damage for Educational Technology Firms

        July 16, 2026

        China’s AI Distillation Campaign Raises New Concerns Over U.S. Technology Security

        July 13, 2026

        AI Tools Increasingly Exploited by Terrorist Organizations, New Research Finds

        July 13, 2026

        Pentagon Expands Engineering Recruitment to Restore America’s Military Technology Edge

        July 13, 2026

        EU Lawmakers Advance Controversial Private Message Scanning Measure Despite Mounting Privacy Concerns

        July 12, 2026
      • Health

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026
      • Science

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Scientists Advance “StormWall” Concept to Defend Earth from Catastrophic Solar Storms

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026
      • Tech

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026

        Palo Alto Networks CEO Warns AI Costs Must Plunge Before Enterprise Adoption Can Accelerate

        July 14, 2026

        DeepMind Unionization Effort Encounters Early Resistance as Labor Talks Stall

        July 11, 2026

        Always-On Workplace Culture Pushes Employees Toward the Breaking Point

        July 10, 2026

        High-Income Families Embrace AI-Driven Schools as Alternative Education Expands

        July 9, 2026
      TallwireTallwire
      Home»Tech»Weak Email Security Settings on Microsoft 365 Drive Surge in Healthcare Data Breaches
      Tech

      Weak Email Security Settings on Microsoft 365 Drive Surge in Healthcare Data Breaches

      Updated:February 21, 20263 Mins Read
      Facebook Twitter Pinterest LinkedIn Tumblr Email
      Weak Email Security Settings on Microsoft 365 Drive Surge in Healthcare Data Breaches
      Weak Email Security Settings on Microsoft 365 Drive Surge in Healthcare Data Breaches
      Share
      Facebook Twitter LinkedIn Pinterest Email

      Healthcare organizations are facing a growing wave of email-related security failures, with Microsoft 365 repeatedly identified as a major weak link. According to a recent IT Pro–Paubox report, 52% of healthcare email breaches in the first half of 2025 involved Microsoft 365, up from 43% in 2024. In that same period, 107 attacks exposed over 1.6 million patient records, with an average of nearly 16,000 records breached per incident. Compounding the issue, 79% of breached organizations were found to have ineffective DMARC protection (up from 65%), many lacked robust phishing‐reporting among staff (only ~5% of phishing attacks are even reported), and too many depend chiefly on human vigilance rather than resilient technical configuration. 

      Sources: IT Pro, PauBox.com

      Key Takeaway Points

      – Microsoft 365 is increasingly implicated in healthcare email breaches—over half of incidents in early-2025—and failure is often due to poor setup/configuration rather than the inherent defects of the platform itself.

      – Email authentication protocols (DMARC, SPF, DKIM) are frequently misconfigured or insufficiently enforced; a large majority of breached domains have weak DMARC settings.

      – Human and operational factors—such as lack of reporting, bypassing secure tools, understaffed security teams, and overreliance on user behavior—remain central vulnerabilities.

      In-Depth

      Healthcare data security remains under siege, and recent reports confirm that the weakest link is often not the size of the breach, but the basic email configurations and practices institutions rely on.

      The 2025 mid-year healthcare email security analysis by Paubox reveals that in just the first half of the year, 107 email-related breaches compromised more than 1.6 million patient records—an average of nearly 16,000 records per breach. Microsoft 365 accounted for 52% of those compromises, up from 43% in the previous year. Far from being a problem unique to smaller providers, this is happening across organizations large and small. 

      The root causes are less about cutting-edge malware or zero-day exploits, and more about misconfigured security settings and gaps in foundational protections. For example, DMARC—an email authentication standard that helps block spoofed or malicious messages—was found ineffective or too loosely set up (monitor-only) in nearly four in five breached organizations. Compounding the vulnerability, staff often bypass secure message systems, and very few phishing attacks are reported, leaving malicious messages undetected until it’s too late. 

      Financial stakes for these failures are huge. Healthcare breaches not only risk patient privacy and safety but carry steep regulatory penalties and reputational harm. The cost per breach can run into the tens of millions. And while premium email security services (like Mimecast, Proofpoint, Barracuda) are involved in some breaches, their presence isn’t sufficient shield—what matters more is ongoing enforcement, correct setup, default protections, and reducing reliance on human vigilance. 

      To prevent further escalation, healthcare organizations must shift mindset: email security cannot be “good enough.” Institutions need to enforce DMARC/SPF/DKIM correctly (not in passive or monitor modes), automate secure defaults (such as automatic encryption), mandate reporting of phishing from staff, and ensure third-party vendors are held to same standards. Technical defenses must be backed by operational discipline: regular audits, employee training, properly staffed security teams, and continuous monitoring. It’s only by combining strong tools with strong practices that healthcare providers can stem the tide of email‐based breaches.

      Microsoft
      Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
      Previous ArticleWaymo Rolls Out ‘Waymo for Business’ to Bring Robotaxis Into the Corporate Realm
      Next Article Weaponized Desktop Shortcuts: APT36 Strikes Indian Government Agencies

      Related Posts

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

      July 15, 2026

      Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

      July 15, 2026

      Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

      July 14, 2026
      Add A Comment
      Leave A Reply Cancel Reply

      Editors Picks

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

      July 15, 2026

      Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

      July 15, 2026

      Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

      July 14, 2026
      Popular Topics
      SpaceX Sundar Pichai Series A Stocks Series B trending UAE Tech spotlight Tesla Viral Space Taiwan Tech Samsung Tesla Cybertruck starlink Startup Tim Cook Satya Nadella Software Satellite
      Major Tech Companies
      • Apple News
      • Google News
      • Meta News
      • Microsoft News
      • Amazon News
      • Samsung News
      • Nvidia News
      • OpenAI News
      • Tesla News
      • AMD News
      • Anthropic News
      • Elbit News
      AI & Emerging Tech
      • AI Regulation News
      • AI Safety News
      • AI Adoption
      • Quantum Computing News
      • Robotics News
      Key People
      • Sam Altman News
      • Jensen Huang News
      • Elon Musk News
      • Mark Zuckerberg News
      • Sundar Pichai News
      • Tim Cook News
      • Satya Nadella News
      • Mustafa Suleyman News
      Global Tech & Policy
      • Israel Tech News
      • India Tech News
      • Taiwan Tech News
      • UAE Tech News
      Startups & Emerging Tech
      • Series A News
      • Series B News
      • Startup News
      Tallwire
      Facebook X (Twitter) LinkedIn Threads Instagram RSS
      • Tech
      • Entertainment
      • Business
      • Government
      • Academia
      • Transportation
      • Legal
      • Press Kit
      © 2026 Tallwire. Optimized by ARMOUR Digital Marketing Agency.

      Type above and press Enter to search. Press Esc to cancel.