Microsoft: Ransomware hit nearly 400 healthcare entities this year—a 300% rise since 2015

Nearly 400 healthcare entities have been hit by ransomware attacks in 2024 alone, costing each up to $900 thousand in losses per day of downtime and delaying patient care, a study found. 

According to the analysis from Microsoft, 389 healthcare organizations have fallen victim to ransomware this year, a surge of 300% since 2015. Moreover, the cost of ransoms has gone up, averaging $4.4 million dollars—and many groups pay up, which could be driving the rise in incidents.

In the report, Microsoft cites 99 companies that admitted paying criminals to have their data unencrypted or deleted. A survey cited in the report concluded the number may even be higher, with an estimated 53% of healthcare ransomware attacks resulting in payment. 

“Part of the reason ransomware has become such a pronounced problem for healthcare is the sector's track record of making ransom payments. Healthcare organizations prioritize patient care above all else, and if they must pay millions of dollars to avoid disruptions, they are often willing to do so,” the report reads. 

Nearby hospitals suffer during attacks

The impacts on patient care are very serious. Microsoft anchors its analysis in 5 case studies at differing entities, and the results show an increase in deaths from heart attacks, strokes, and significant slowing of operations as a result of ransomware—and those spikes are seen at facilities unaffected by the cyberattack. 

When a hospital is forced to work on pen-and-paper operations, they divert emergency patients to other facilities. Stroke code activations at back-up hospitals rose by 113.6% during a ransomware attack in their region, and cases of cardiac arrest jump 81%. Additionally, unaffected hospitals also see a rise in patients leaving without being seen, as the average waiting room time for patients rises roughly 50%, from 21 minutes to 31 minutes. 

Microsoft cites a study published in JAMA as the source for its data on neighboring facilities. That study, now more than a year old, may not reflect the rise in ransomware attacks seen in recent years.

The company said investment in cybersecurity may be the only option, as healthcare is likely to remain a prime target of data breaches and ransomware attacks for the foreseeable future. 

“The combination of healthcare's reliance on digital technologies, its sensitive data, and the resource constraints many organizations face—often due to razor-thin margins—can limit their ability to invest fully in cybersecurity, making them especially vulnerable,” the report reads. 

The full study can be found here

Chad Van Alstin Health Imaging Health Exec

Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.