[iThome Article Sharing] Healthcare Industry Becomes New Target of Data Breach Threats: A Well-Known Swiss Medical Institution Uses OPSWAT Technology to Prevent Malicious Software Attacks Spreading Through Email
Because of the high value of patient privacy data, healthcare institutions have become increasingly attractive targets for cybercriminals. Malicious software embedded in email attachments is a common tactic used by attackers to gain unauthorized access to internal networks, leading to serious data breaches.

Recent incidents in 2024 highlighted this worrying trend, including:

Ascension Health Systems (May 2024)

A ransomware attack occurred after an employee downloaded a malicious file that compromised systems including MyChart electronic health records, resulting in the theft of protected health information (PHI) and personally identifiable information (PII).

Original link: https://www.ithome.com.tw/pr/166939

Los Angeles Health Services (April 2024)

A phishing attack compromised the email accounts of 23 employees, exposing the personal and health information of thousands of patients.

Norton Healthcare (May 2023)

A ransomware attack launched by the ALPHV group through phishing exposed the sensitive information of 2.5 million people.

These breaches are part of a growing cybersecurity crisis in the healthcare industry.

Cyber breaches in the healthcare sector are on the rise.

HIPAA magazine found that in the past 12 months, the U.S. Department of Health and Human Services’ Office of Civil Rights (OCR) received 801 reports of medical data breaches, affecting 55,923,612 people. In March 2024 alone, there were 93 breaches, a 50% increase from the previous month.

The frequency of these breaches is rising, causing significant losses. According to IBM’s “2024 Cost of Data Breach Report,” the global average cost of a data breach reached $4.88 million, a 10% increase from the previous year, setting a new record.

This growing trend has prompted many healthcare organizations to strengthen email security, including Luzerner Psychiatrie AG (LUPS).

Email security has become one of the most significant cybersecurity challenges today.

As one of Switzerland’s largest behavioral health organizations, Luzerner Psychiatrie AG (LUPS) receives hundreds of thousands of emails monthly, many containing sensitive attachments such as JPEGs, Word documents, patient signatures, healthcare forms, and medical records. Despite having segmented servers and a robust firewall, Tobias Müller, head of LUPS’s technical engineering team, recognized the need for additional protection against email-borne threats.

To enhance email security, LUPS sought an on-premises solution that could thoroughly scan all email attachments for potential threats before they entered the network.

After evaluating various options, including an upgrade to Microsoft 365 E5, they found OPSWAT’s MetaDefender Email Security for Email Exchange Server to be the most cost-effective, customizable, and adaptable solution against evolving threats.

“From a business perspective, using OPSWAT is an important security measure that protects not only our customers but also the business itself.”

Tobias Müller – Head of Technical Engineering, Luzerner Psychiatrie AG

Scenarios for Using MetaDefender Email Security

LUPS implemented MetaDefender Email Security for its Email Exchange Server with the following specific goals:

• Preventing phishing, zero-day malware, and file-based vulnerabilities from penetrating the network.

• Complying with stringent Swiss regulations requiring all sensitive healthcare data to be stored locally, not in the cloud.

• Integrating with the OPSWAT solution LUPS previously deployed for network segmentation.


“OPSWAT helps us prevent files that may contain malware from entering the network.”

Tobias Müller – Head of Technical Engineering, Luzerner Psychiatrie AG

The Value of MetaDefender Email Security

From day one, Müller and his team have benefited from MetaDefender Email Security for their Email Exchange Server. The solution complies with Swiss regulations that require sensitive data to be managed locally, and it effectively identifies and blocks suspicious files before they enter the network.

Key Advantages

• High Detection Rate: Up to 99.20% detection rate for the first 10,000 threats.

• Advanced Malicious Software Detection: Powered by multiple anti-malware engines with heuristic and machine learning capabilities.

• Deep Content Disarm and Reconstruction (Deep CDR) Technology: OPSWAT’s award-winning Deep CDR technology assumes every file is a potential threat. Each file is deconstructed, threats are removed, and the file is then reconstructed in a secure format so that it is safe and compliant before entering the network.

“By using multiple engines for scanning, you can almost guarantee 100% that your files are uninfected.”

Tobias Müller – Head of Technical Engineering Team, Luzerner Psychiatrie AG

OPSWAT’s Deep CDR sanitizes files to prevent file-based vulnerabilities by eliminating threats and rebuilding the files.

“OPSWAT solutions, along with Deep CDR, can defend against malicious emails before you even click on any email, preventing threats from entering your network.”

Tobias Müller – Head of Technical Engineering Team, Luzerner Psychiatrie AG

Looking to the Future: Removable Media Security

In addition to email security, LUPS also needed to protect against file-based threats introduced by vendors, patients, and third parties through removable media.

To address this issue, they chose OPSWAT’s MetaDefender sandbox for rapid scanning of thousands of files, enabling zero-day malware detection and extracting more Indicators of Compromise (IOCs) than competing solutions. The solution will be deployed near the support team to ensure that any removable media (such as USB drives or CDs) is completely free of malware before information is uploaded to the network.

“The sandbox allows you to inspect external media before these files even reach your network,” says Müller. “Malicious software can always enter your system through other means, such as the internal information of USB drives and CDs. Once the sandbox is installed, we will be able to completely ensure that these files are malware-free before they enter our network.”

“The sandbox allows you to quickly and deeply examine external media files before they reach your network.”

Tobias Müller – Head of Technical Engineering Team, Luzerner Psychiatrie AG

MetaDefender’s unique adaptive threat analysis technology enables zero-latency malware detection and extracts more threat indicators.


Start Protecting Your Network from Future Cyber Threats Now

When asked what steps he would recommend other healthcare providers take to protect their networks, Mr. Müller suggested the following:

1. Network Segmentation: Ensure your network is segmented with firewalls between segments to prevent the spread of malware.

2. Email Defense: Prevent malicious files from entering your system via email.

3. Comprehensive File Security: Ensure files from both internal and external sources are sanitized before reaching the network.

This is especially important for healthcare organizations like LUPS, which have multiple branches in Switzerland and whose information resides on a single network. Every network segment must be protected.

Ultimately, OPSWAT helped LUPS become a leader in proactive cybersecurity in the healthcare sector by blocking malware from all angles. Now, they can effectively protect patient data, safeguard their business, and maintain compliance in an ever-evolving threat environment.