Personal health information of 42M Americans leaked between 2016 and 2021

Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled.

Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers.

Researchers from Jama Network analyzed trends in ransomware attacks on US hospitals, clinics, and health care delivery organizations between 2016 and 2021.

Common operational disruptions included canceled appointments/surgeries, electronic system downtime, and ambulance diversion. The researchers calculated the operational disruption duration and other data related to the attacks.

From 2016 to 2021, the annual number of ransomware attacks passed from 43 to 91. 

“In this cohort study of 374 ransomware attacks, the annual number of ransomware attacks on health care delivery organizations more than doubled from 2016 to 2021, exposing the personal health information of nearly 42 million patients.” reads the report published by Jama Network. “During the study period, ransomware attacks exposed larger quantities of personal health information and grew more likely to affect large organizations with multiple facilities.”

During the study period, the researchers documented 374 ransomware attacks on healthcare systems that exposed the personal health information (PHI) of 41 987 751 individuals.

The exposure of personal health information increased more than 11-fold, from roughly 1.3 million in 2016 to close to 16.5 million in 2021.

Approximately one in five (20.6%) healthcare organizations that suffered a ransomware attack were able to restore data from backups. For 15.8% of ransomware attacks, threat actors leaked stolen PHI by posting it on dark web forums.

Ransomware attacks mainly targeted clinics, followed by hospitals, other delivery organization types, ambulatory surgical centers, mental/behavioral health organizations, dental practices, and post–acute care organizations. 

Experts also reported that 52.9% of all ransomware attacks affected multiple facilities within the attacked organization.

“The results of this cohort study suggest that from 2016 to 2021, ransomware attacks on health care delivery organizations increased in frequency and sophistication. These attacks exposed PHI and frequently disrupted health care delivery, but further research is needed to more precisely understand the operational and clinical care consequences of these disruptions.” concludes the report. “As policy makers craft legislation aimed at countering the threat of ransomware attacks across multiple industries, we urge them to focus on the specific needs of health care delivery organizations, for which operational disruptions may carry substantial implications for the quality and safety of patient care.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, healthcare)

[adrotate banner=”5″]

[adrotate banner=”13″]