The most common cause for a breach is described by the research as hacking and IT incidents, accounting for 1,622 breaches. Credit: Shutterstock / Lazy_Bear.

Approximately a quarter of Americans have had their medical records leaked, with research finding that more than 79.6 million people have been caught up in data breaches. Around 71% of the breaches originate due to the hacking of a healthcare provider.

Research carried out by the US-based cybersecurity company Incogni, alongside data published by the US Department of Health and Human Services, detailed how since 2020, healthcare providers were reported to have experienced 1,572 breaches, accounting for 57.6% of all American healthcare profiles that have been exposed.

Go deeper with GlobalData

Go deeper with GlobalData

The gold standard of business intelligence.

Find out more

Discover B2B Marketing That Performs

Combine business intelligence and editorial excellence to reach engaged professionals across 36 leading media platforms.

Find out more

At the same time, the report by Incogni found the same pattern with reported ransomware attacks finding that since 2020 approximately 76.1% of attacks targeted healthcare providers. The most common cause for a breach is described by the research as hacking and IT incidents, accounting for 1,622 breaches and affecting 136.8 million healthcare profiles.

The biggest breach named in the report was the 2021 breach of the optometry company 20/20 Eye Care Network, which saw the healthcare data of approximately 3.3 million Americans breached after hostile actors were able to access the company’s cloud storage systems.

Darius Belejevas, head of data protection service Incogni, said: “The transition to electronic health systems has undoubtedly brought numerous benefits to the healthcare sector, but it has also introduced significant risks. The exposure of sensitive health information can have devastating consequences for individuals, as their data might be further used by data brokers or even criminals. Incogni advocates for more stringent privacy and security measures for entities that manage patient information.

“As breaches continue to compromise patient privacy, they also put patients’ safety at risk and erode their trust in the healthcare system. Moreover, they can lead to identity theft, medical fraud, and other forms of exploitation.”

GlobalData Strategic Intelligence

US Tariffs are shifting - will you react or anticipate?

Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.

By GlobalData

The healthcare-centric cybersecurity market is expected to steadily grow alongside the rise in attacks on healthcare facilities. Research by GlobalData found that the global cybersecurity market will be worth $334bn by 2030, having grown at a compound annual growth rate (CAGR) of 10% between 2022 and 2030. Additionally, separate research by UK cybersecurity company Sophos, found that only 24% of healthcare organisations were able to disrupt a ransomware attack before the attackers encrypted their data – down from 34% in 2022.

The reasons for cyberattacks on healthcare facilities vary across several causes, but in the past few years cyberattacks on hospitals and healthcare facilities have been used as a tool for disruption from hostile states such as Russia.

Medical Device Network Excellence Awards - Nominations Closed

Nominations are now closed for the Medical Device Network Excellence Awards. A big thanks to all the organisations that entered – your response has been outstanding, showcasing exceptional innovation, leadership, and impact

Excellence in Action
SC MEDICA’s minimally invasive, radiation free spinal facet fixation system, FFX® is transforming spinal pain management and improving outcomes for surgeons and patients alike. Learn how SC MEDICA’s award-winning technology is redefining standards in facet joint pain treatment.

Discover the Impact