Skip to main content
close search
site logo
Dive Brief

88% of healthcare organizations experienced a cyberattack in past year, report finds

The average cost of organizations’ most expensive cyberattack increased 13% year over year, according to a survey from the Ponemon Institute.

Published Oct. 11, 2023
Emily Olsen's headshot
Reporter
A single opened padlock glows red among rows of closed blue padlocks.
JuSun via Getty Images
This audio is auto-generated. Please let us know if you have feedback.

Dive Brief:

  • Eighty-eight percent of surveyed healthcare organizations experienced at least one cyberattack in the past year, leading to strained patient care and increased costs, according to a report by the Ponemon Institute sponsored by cybersecurity software company Proofpoint.
  • Many of those attacks compromised patient care, causing delays in procedures or tests, or increasing complications. Sixty-eight percent of respondents who experienced ransomware attacks said the attacks negatively impacted patient safety and care.
  • The average cost for organizations’ most expensive cyberattack was $4.9 million. Disruption to normal healthcare operations due to system availability issues was the most significant financial consequence of an attack, according to the report. 

Dive Insight: 

The report, which surveyed more than 650 IT and IT security practitioners at U.S.-based healthcare organizations, found more professionals saw their workplaces as vulnerable to each type of cyberattack — cloud compromise, business email attack, ransomware and supply chain attack — compared to 2022. 

Organizations surveyed reported an average of 40 cyberattacks over the past 12 months. All of them experienced at least one incident where sensitive healthcare data was lost or stolen, and 43% said data loss or exfiltration impacted patient care.

Of those, 46% said it increased mortality rates, while 38% it increased complications from medical procedures. 

The most frequent attacks in healthcare are against the cloud, with 63% of respondents reporting an average of 21 cloud compromises during the past two years. 

Healthcare organizations report patient care disruptions from cyberattacks

Percent of respondents who reported patient care impacts by type of attack

 

Healthcare data breaches have become increasingly common over the past decade as companies adopted electronic records and added digital services. Breaches have exposed 385 million patient records from 2010 to 2022, according to federal records, and hacking incidents in particular have skyrocketed. 

Cyberattacks that disrupt facility operations can put patients’ lives at risk. A ransomware attack against Chicago-based CommonSpirit Health last year disrupted access to health records and delayed patient care, while a recent attack against Prospect Medical Holdings forced some ambulances to divert patients to other hospitals.

Recommended Reading

Filed Under: Health IT

Editors' picks

Company Announcements

View all | Post a press release
Healthworx partners with Highmark Inc, LifeBridge Health for new accelerator program
From Healthworx
July 30, 2024
MindMetrix Launches Comprehensive Mental Health Assessment Tool for Hospitals, Practices, and …
From MindMetrix
August 08, 2024
Catalyst Solutions to lead the Medicaid Modernization Panel at MESC24 on State of Florida's Mo…
From Catalyst Solutions
August 02, 2024
Wiley to Expand Reach and Impact of Medical Education Programs to More Than 2.8 million Health…
From Wiley
July 31, 2024
Editors' picks
Latest in Health IT
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell