Cybercriminals have set their sights on the healthcare sector, and recent breaches have shown just how vulnerable this industry has become. With healthcare providers relying more on digital systems, the risks of ransomware attacks and data breaches are growing. Healthcare organizations can use recent incidents as learning opportunities to enhance their defenses, protect patient data, and maintain smooth operations.
In 2023, over 88 million people in the U.S. were impacted by large-scale healthcare data breaches—a 60% jump from the year before. Unfortunately, 2024 is shaping up to be just as severe, with high-profile ransomware attacks hitting providers across the U.S., Canada, and Australia. These incidents reveal how deeply interconnected systems and electronic health records have made the sector a target for cybercriminals.
In May 2024, Ascension Healthcare, a nonprofit running 140 hospitals, suffered a ransomware attack by the Black Basta group. The fallout was immense: ambulances were diverted, phone systems went down, and electronic records became inaccessible. Many facilities had to switch to paper records, delaying tests and canceling procedures. Weeks later, some pharmacies were still closed. The breach exposed weaknesses in Ascension’s disaster recovery plans and cybersecurity defenses.
Earlier in 2024, Change Healthcare, part of UnitedHealth Group, faced its ransomware attack. Hackers stole 4 terabytes of data and demanded a $22 million ransom. The attack’s ripple effects included $593 million in response costs and an estimated $1.6 billion in total damages by year-end. Payment systems used by hospitals, clinics, and pharmacies were severely disrupted, exposing gaps in basic safeguards like multi-factor authentication (MFA).
The year also saw attacks on healthcare providers globally. In Canada, London Drugs shut down its pharmacies due to ransomware. In Australia, MediSecure’s prescription services were disabled after a breach involving a third-party vendor. In Wisconsin, Group Health Cooperative lost data on 530,000 individuals, even though encryption prevented the hackers from locking systems.
These cases make it clear that no healthcare organization—large or small—is immune to cyberattacks.
Operating under the assumption that a breach is inevitable encourages preparation. Healthcare providers should create and regularly test disaster recovery plans, run tabletop exercises to identify vulnerabilities and align security with broader organizational goals.
While advanced security tools are valuable, the fundamentals matter just as much. This includes implementing MFA to prevent credential theft, conducting regular penetration testing, keeping software patches up-to-date, and maintaining strict control over access to sensitive data through IT asset management and data loss prevention tools.
Healthcare providers often face tight budgets, but free tools can help. Open-source vulnerability scanners, breach monitoring services like HaveIBeenPwned, and government resources from agencies such as the U.S. Cybersecurity & Infrastructure Security Agency (CISA) can strengthen defenses without adding cost.
Vendors and integrations can introduce vulnerabilities, as MediSecure’s experience shows. Organizations need processes to evaluate and monitor third-party providers, secure APIs, and track potential risks in software supply chains.
When a breach occurs, how an organization communicates matters. Avoid making overly optimistic public statements early on, as this can backfire if the damage turns out to be worse than expected. Transparency and honesty go a long way in maintaining trust with patients and stakeholders.
Healthcare providers can’t afford to treat cybersecurity as an afterthought. Recent breaches prove the need for ongoing vigilance and investment in both technology and staff training. By taking proactive measures, like prioritizing security basics, managing third-party risks, and staying prepared for potential breaches, organizations can build resilience against cyber threats.
Cybersecurity is not a one-and-done process. It’s a challenge that requires continuous attention. Staying informed about new threats and fostering a culture of security awareness can help healthcare providers protect what matters most: patient care and trust.
Learn more: HIPAA Compliant Email: The Definitive Guide