The healthcare industry’s repository of data and private medical information has long been a magnet for cybercriminals. In the United States, cyberattacks have been costly - often resulting in up to millions of compromised patient records per breach. In the
in the United States to date, that of health insurance provider Anthem Inc., 78.8 million private records were compromised. Not only are financial losses at stake during such a breach, but the health of patients is severely compromised when critical medical records can no longer be accessed.
Healthcare cyberattacks
Healthcare organizations are the center of various types of
cyberattacks globally, with network and application attacks being the main type. The common misconception about cybercrime is that small organizations believe they are not very attractive to cybercriminals. Consequently, they do not invest in cybersecurity and have a relatively relaxed security posture, thus becoming more vulnerable to cybercrime incidents. Meanwhile, according to 2022 research, small healthcare organizations were twice as
likely to be hit with cyberattacks.
Data breaches in U.S. healthcare
In 2022, healthcare providers in the United States saw 344
cases of data compromises. From January to October 2023, there were 69
cases of data violation involving healthcare organizations in the country and 2015 marked the year of the highest number of healthcare data breaches in the United States. That year, over 112 million health data records were
breached.
What causes a healthcare data breach?
Threat actors mitigate organizations’ security solutions in various ways. Nevertheless,
hacking and other related IT security incidents remain the most common causes of data breaches in the healthcare industry in the U.S.
Unauthorized access or disclosure of sensitive data is the second most common way healthcare information is leaked.
Impact of cybercrime in healthcare sector
Healthcare organizations suffer from cyberattacks not only by having material losses or reputational damage but also suffer from more serious repercussions. Recent data shows that ransomware attacks targeting healthcare organizations in the United States have
increased mortality rates, along with extending the length of patient stays. For more than half of the surveyed healthcare organizations in the market, disruptive attacks made it impossible to
provide patient services.
Cybersecurity in U.S. healthcare
For better cyber preparedness, health organizations should raise awareness across all departments and include as many employees as possible. Currently, cybersecurity training is provided
occasionally, with only a few organizations receiving it annually.
This text provides general information. Statista assumes no
liability for the information given being complete or correct.
Due to varying update cycles, statistics can display more up-to-date
data than referenced in the text.
