Microsoft: Ransomware hit nearly 400 healthcare entities this year—a 300% rise since 2015

Nearly 400 healthcare entities have been hit by ransomware attacks in 2024 alone, costing each up to $900,000 in losses per day of downtime and delaying patient care, a study found.

According to the analysis from Microsoft, 389 healthcare organizations have fallen victim to ransomware this year, a surge of 300% since 2015. Moreover, the cost of ransoms has gone up, averaging $4.4 million—and many groups pay up, which could be driving the rise in incidents.

In the report, Microsoft cites 99 companies that admitted paying criminals to have their data unencrypted or deleted. A survey cited in the report concluded the number may even be higher, with an estimated 53% of healthcare ransomware attacks resulting in payment. 

“Part of the reason ransomware has become such a pronounced problem for healthcare is the sector's track record of making ransom payments. Healthcare organizations prioritize patient care above all else, and if they must pay millions of dollars to avoid disruptions, they are often willing to do so,” the report reads. 

Nearby hospitals suffer during attacks

The impacts on patient care are very serious. Microsoft anchors its analysis in five case studies at differing entities, and the results show an increase in deaths from heart attacks and strokes, along with a significant slowing of operations, as a result of ransomware—and those spikes are seen at facilities unaffected by the cyberattack.

When a hospital is forced to fall back on pen-and-paper operations, it diverts emergency patients to other facilities. Stroke code activations at back-up hospitals rose by 113.6% during a ransomware attack in their region, and cases of cardiac arrest jumped 81%. Unaffected hospitals also see a rise in patients leaving without being seen, as the average waiting room time for patients rises roughly 50%, from 21 minutes to 31 minutes.

Microsoft cites a study published in JAMA as the source for its data on neighboring facilities. That study, now more than a year old, may not reflect the rise in ransomware attacks seen in recent years.

The company said investment in cybersecurity may be the only option, as healthcare is likely to remain a prime target of data breaches and ransomware attacks for the foreseeable future. 

“The combination of healthcare's reliance on digital technologies, its sensitive data, and the resource constraints many organizations face—often due to razor-thin margins—can limit their ability to invest fully in cybersecurity, making them especially vulnerable,” the report reads. 

The full study can be found here

Chad Van Alstin Health Imaging Health Exec

Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.
