In 2024, the healthcare sector experienced an alarming surge in cyberattacks, breaking records with 677 major data breaches that impacted over 182 million individuals. The year was marked by a particularly devastating event—the Change Healthcare ransomware attack—claimed by the Russian-speaking BlackCat group. This breach, which affected 100 million Americans, not only compromised sensitive health data but also led to widespread IT system disruptions, severely hampering healthcare operations. The scale of the attack demonstrated the vulnerability of centralized IT services in healthcare, where many hospitals and clinics rely on third-party providers for essential services.
By December 20, the U.S. Department of Health and Human Services reported that hacking/IT incidents were the leading cause of breaches, accounting for 550 of the total incidents in 2024. The Change Healthcare attack alone caused significant financial and operational chaos, with the company paying a record ransom of $22 million to the cybercriminals. Hospitals and clinics were left unable to verify patient insurance, resulting in delays in care and financial instability across the healthcare sector. The attack underscored the severe consequences of relying on a small number of vendors for critical healthcare infrastructure.
In addition to ransomware, the year saw other types of breaches, with unauthorized access/disclosure incidents affecting millions of individuals. Notably, a May ransomware attack on Ascension Health, reportedly by the Black Basta group, impacted 5.6 million people. Data exfiltration and business associate incidents continued to highlight the risks posed by third-party vendors, with business associates involved in a third of the breaches. These incidents demonstrated that cyber threats are not only a concern for healthcare providers but also for the entire supply chain of healthcare services.
As the healthcare industry looks toward 2025, experts predict that cyberattacks will continue to evolve and target critical services. Ransomware, data theft, and supply chain breaches are expected to persist, with cybercriminals and nation-states aiming to destabilize healthcare systems further. The growing reliance on remote healthcare services, the internet of medical things, and artificial intelligence in diagnostics presents additional challenges in securing healthcare infrastructure. As the sector prepares for an uncertain cybersecurity landscape, organizations must strengthen their defenses, implement robust incident response plans, and collaborate across the industry to mitigate risks and safeguard patient care.
