US Has Lost $78 Billion to Ransomware Attacks on Healthcare


October 24, 2023


A new study revealed that ransomware attacks against the healthcare sector have bled the US economy of tens of billions of dollars over the past seven years. In that time, 539 attacks were reported against healthcare organizations, impacting nearly 10,000 hospitals and clinics and compromising over 52 million patient records.

Downtime varied from minimal disruption for those with frequent data backups, to months of recovery time, although the average was 14 days per organization. At nearly 19 days, 2023 is the worst year for downtime during the reporting period, followed by 2022 (16 days).

“So far this year, 66 ransomware attacks have taken place on 1568 medical organizations leading to over 7.3 million breached patient records. With three months still to go until the end of the year, it’s highly likely that 2023 will see a renewed spike in ransomware attacks on healthcare organizations,” Infosecurity Magazine reported.

“With healthcare organizations witnessing an average of 18.7 days of downtime in 2023, it’s clear that hackers aren’t just succeeding in data theft but are managing to cause unprecedented disruption with their malware.”

Takeaway: There is no way to argue against the fact that ransomware attacks on healthcare providers pose a significant threat to human life, and it is surprising we have not seen more negative outcomes for patients given the incredible metrics on healthcare system downtime.

The perception is that, given how expensive healthcare is to obtain, the industry must be flush with cash and very stable. That is a misconception. In reality, the healthcare system is largely operated by non-profit entities that work on shoestring margins. This sector typically lacks the appropriate budgets and staff to maintain a reasonable security posture.

Ransomware attacks are the biggest threat facing organizations today, and healthcare providers have been hit particularly hard. The demise of SMP Health back in June due to its inability to process payments following a disruptive ransomware attack demonstrates how fragile our healthcare system is.  

Unfortunately, given that healthcare providers are a favorite target of some of the most notorious ransomware operators, we are likely to see more regional healthcare providers suffer the same fate.

Criminal ransomware groups know that an attack against a healthcare organization does not just disrupt everyday business; it directly affects the lives of patients.

Ransomware groups continue to prove they have zero conscience with regard to human life and the potential for suffering or even death. They continue to victimize healthcare providers simply because they are easy targets.  

The average time it takes for an organization to recover from a ransomware attack has been pegged at about three weeks or more. While a private, profitable organization with ample resources may be able to weather such a lengthy disruption to operations, the healthcare game is one of immediacy - patients are different than customers, and in most cases, they cannot afford delays in treatment.

Halcyon is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more. Halcyon also publishes a quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.