Record-Breaking Healthcare Cyber Attacks of 2024

The healthcare sector experienced unprecedented cybersecurity challenges in 2024, highlighted by a staggering number of data breaches that impacted millions. Notably, a ransomware attack on Change Healthcare, a subsidiary of UnitedHealth Group, compromised the data of approximately 100 million Americans and caused significant operational disruptions for healthcare providers across the country.

As of December 20, the U.S. Department of Health and Human Services’ Office for Civil Rights reported a total of 677 major health data breaches affecting over 182.4 million individuals. Among these incidents, hacking and IT-related breaches were by far the most prevalent, representing 550 breaches and impacting more than 166 million people.

The February incident involving Change Healthcare, linked to the ransomware group BlackCat (also known as AlphV), set new records for both the number of individuals affected and the extensive disruption experienced by healthcare entities. Mike Hamilton, field Chief Information Security Officer at Lumifi, remarked that this incident illustrated the vulnerabilities associated with centralized IT services within the healthcare sector, leaving providers unable to verify patient insurance and process payments.

The repercussions of this security breach were far-reaching, accounting for roughly 55% of the individuals affected by major health data breaches in 2024. In addition to this, Change Healthcare’s ransom payment of $22 million marked one of the largest payouts for such incidents, underscoring the severe implications of ransomware attacks on the industry.

Following Change Healthcare, Ascension Health experienced a significant breach in May due to ransomware attributed to the cybercriminal group Black Basta, affecting 5.6 million patients. Such incidents are reflective of a broader trend; as of December 20, business associates were involved in about one-third of the reported breaches, impacting over 131 million individuals, largely due to the severe fallout from the Change Healthcare hack.

Globally, healthcare stakeholders faced similar threats, evidenced by cyberattacks on entities like Synnovis in the UK that disrupted numerous hospitals and contributed to national shortages of critical medical supplies. Considering this global perspective, experts stress the necessity for organizations to prepare comprehensive incident response plans across all operational areas to ensure effective continuity during crises.

Examining the recent cybersecurity landscape, a shift to cloud infrastructures and software-as-a-service platforms has emerged, bringing additional risks as malicious actors adapt to exploit vulnerabilities in remote access technologies. With over 75% of casework arising from compromised remote access points, security experts advocate for rigorous reviews of VPN user access as well as the timely application of critical security patches.

Looking to 2025, industry experts forecast a continuation, potentially intensifying, of the threats that plagued the healthcare sector in 2024. From ransomware to data theft, these concerns remain paramount. As organizations brace for evolving regulatory frameworks and increased scrutiny, collaborative efforts across the healthcare ecosystem will be essential to bolster defenses against future cyber threats.

In this evolving landscape, keeping abreast of cybersecurity developments and strengthening professional networks will be crucial for healthcare organizations. By fostering collaboration and employing best practices in sharing insights, the sector can fortify its resilience against the persistent threat of cyberattacks.