Health care had more cyberthreats last year than any other critical infrastructure industry, according to the FBI's 2024 Internet Crime Report released April 23. A total of 444 reported incidents impacted health care, comprised of 238 ransomware threats and 206 data breach incidents. Only critical manufacturing had more ransomware incidents, with 258, but fewer data breaches, with 71. The report also found that ransomware groups with the most FBI complaints in 2024 included Akira, LockBit and RansomHub. 

“It’s not surprising that the report shows health care suffered the highest combined total of ransomware and data theft attacks of any U.S. critical infrastructure sector,” said John Riggi, AHA national advisor for cybersecurity and risk. “Concurrently in 2024, health care made 592 regulatory filings of reported ‘hacks’ of protected health information to the Department of Health and Human Services Office of Civil Rights, impacting a record of 259 million Americans. That massive number is mainly due to the hacking of records for 190 million Americans during the Change Healthcare ransomware attack.  

“As we analyze these incidents, we have noticed consistent patterns over the past three years, with the vast majority of patient records being stolen from third parties — not from hospitals. Also, the majority of ransomware attacks are perpetrated by Russian-speaking ransomware groups that primarily use social engineering, stolen credentials and exploitation of unpatched published vulnerabilities for initial access. However, the sharing of threat intelligence and defensive measures across health care has increased significantly, while prioritizing resiliency through clinical continuity protocols to minimize impact to patient care and safety.” 

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Headline
The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners May 22 released guidance on securing data used for…
Headline
The FBI, along with the National Security Agency and other international cybersecurity agencies, this week released a joint agency advisory on cyber operations…
Headline
The FBI's Internet Crime Complaint Center released an alert May 7 warning of cyber actors exploiting vulnerabilities in end-of-life routers. Routers dated 2010…
Headline
The FBI’s Internet Criminal Complaint Center May 15 released an alert warning of a malicious text and voice messaging campaign involving impersonators…
Headline
In his latest AHA Cyber Intel blog, John Riggi, AHA national advisor for cybersecurity and risk, examines the state of cyber and physical threats in 2025 as…
Headline
The National Security Agency April 23 released a report on operational technology systems that includes recommendations for security policies and technical…