As first reported by TechTarget, a comprehensive analysis of healthcare breach data from 2010 to 2024 shows a dramatic shift in how protected health information (PHI) is compromised. While theft and unauthorized access were the most common causes of data breaches in 2010, hacking and IT incidents now dominate, accounting for 81% of large-scale healthcare breaches in 2024. This surge parallels a broader rise in breach volume—from 216 in 2010 to 566 in 2024—and reflects the growing sophistication and frequency of cyberattacks targeting healthcare systems.
The study, conducted by researchers from Michigan State, Yale, and Johns Hopkins, highlighted the increasing impact of ransomware within these incidents. Ransomware attacks accounted for 31% of hacking-related breaches in 2021; that number dipped to 11% in 2024, but ransomware still represents a significant threat, with attacks like the one on Change Healthcare disrupting services nationwide. Despite ransomware’s slightly reduced share, hackers are compromising more patient records with fewer attacks: of the 732 million PHI records breached over the 14-year span, 88% were due to hacking or IT incidents.
Researchers emphasized that the true toll of ransomware is likely underreported, particularly when it comes to the operational disruptions hospitals face during system outages. They call for better breach tracking, including mandatory ransomware fields in federal reporting, revised severity scoring to account for clinical impact, and monitoring of cryptocurrency flows to prevent ransom payments.
As healthcare organizations face mounting cyberthreats, especially amid limited resources, the findings underscore the urgent need to improve both breach visibility and defense mechanisms across the sector.