Healthcare Providers and Hospitals Under Ransomware’s Siege

While ransomware groups have not spared any industry, attackers have put the healthcare sector at the top of their preferred targets. The surge in hospitals falling victim to breaches has raised concerns among regulators and government officials who have moved to push through new policies and legislation.

CommonSpirit, one of the largest nonprofit healthcare systems in the US, posted a privacy breach notice on Dec. 1, warning that 623,774 patient records were exposed after a breach on Sept. 16. The nationwide network of 140 hospitals and over 1,000 care facilities in 21 states confirmed that ransomware attackers accessed the patient records, but said there is currently no evidence that personal information was misused. The potentially affected patients were those treated at CommonSpirit’s Franciscan Medical Group and Franciscan Health in Washington. The four hospitals are now known as Virginia Mason Franciscan Health, a CommonSpirit affiliate.

The current spike builds on last year’s 35% increase in overall attacks on healthcare providers compared with 2020, according to Critical Insight, a managed detection and response (MDR) service provider. According to Critical Insight, cyberattacks on healthcare providers affected 45 million individuals last year, compared with 34 million in 2020 and 14 million in 2018.

In October, the FBI Internet Crime Complaint Center (ICA) reported that among 16 critical infrastructures, the healthcare and public health sector accounts for 25% of ransomware complaints. The US Department of Health and Human Services (HHS) in April issued a warning about Hive, an aggressive ransomware group that

Read more

Explore the site

More from the blog

Latest News