Ransomware downtime costs U.S. healthcare organizations $1.9M daily

That has culminated in an estimated $21.9 billion in downtime losses over the past six years, a new report shows, with medical organizations experiencing 17 days of downtime per incident, on average.
By Nathan Eddy
10:23 AM

Ransomware attacks are having a severe impact on U.S. healthcare organizations, with an alarming escalation in incidents and their consequences, according to a Comparitech report.

The study found that, since 2018, 654 ransomware attacks have targeted healthcare providers, with 2023 standing out as a record-breaking year, logging 143 incidents.

These attacks compromised over 88.7 million patient records during this period, with more than 26.2 million breached in 2023 alone.

Each day of downtime due to ransomware costs healthcare organizations an average of $1.9 million, culminating in an estimated $21.9 billion in downtime losses over six years.

On average, medical organizations experienced 17 days of downtime per incident, with the highest disruptions reported in 2022, averaging 27 days.

Rebecca Moody, head of data research at Comparitech, noted the evolving nature of ransomware threats in healthcare.

"One of the most significant changes in ransomware attacks has been the increased focus on stealing large amounts of data," she said. "If we look at the top 10 ransomware data breaches since 2018, seven of them occurred in 2023 and 2024."

She explained that healthcare organizations are particularly vulnerable to ransomware attacks due to their reliance on operational continuity and sensitive patient data.

"Healthcare organizations can ill-afford downtime," Moody said. "Losing access to systems can cause widespread chaos, delayed healthcare, and even errors in medication dispensing."

She said hackers often leverage this urgency, employing double-extortion tactics by encrypting systems while exfiltrating data to increase the pressure for ransom payments.

Moody stressed that preparation is key to minimizing the impact of ransomware attacks.

"The key is being prepared for the worst-case scenario," she said. "Having an incident response team, a communication plan, and clear instructions for managing threats and recovering data can help healthcare companies recover quickly."

Frequent data backups are also essential to recovery efforts, but many organizations face challenges in implementing them due to budget constraints and gaps in employee training.

As ransomware tactics continue to evolve, Moody emphasized the importance of robust cybersecurity measures to protect sensitive patient data and maintain operational integrity. 

"Having a plan in place can help hospitals and clinics maintain continuity of care, even during prolonged system outages," she said.

The report comes as Nebraska's attorney general filed a lawsuit against UnitedHealth Group and its subsidiaries Change Healthcare and Optum following a ransomware attack that disrupted critical healthcare services across the state.

Healthcare organizations are still struggling to get a handle on cybersecurity as threats explode and the complexity of defense increases, with the rise of AI also causing concern.

Nathan Eddy is a healthcare and technology freelancer based in Berlin.
Email the writer: nathaneddy@gmail.com
Twitter: @dropdeaded209
