The major cyberattacks that have affected healthcare systems in 2024

The year is only halfway over, but the healthcare sector has already reported 280 cyber incidents. That’s 24% of all United States cyber events in 2024, putting healthcare ahead of every other industry. These incidents could impact millions of people and compromise vast amounts of digital records containing protected health information (PHI).

Out of hundreds of incidents, these have been the 3 largest cyberattacks on healthcare data security so far in 2024. Collectively, they’ve had a broad and damaging impact on businesses and consumers.

A ransomware attack on February 21, 2024, caused a shutdown of all Change Healthcare services. Hospitals, practices, pharmacies, and medical billing companies across the US experienced disruptions in e-prescribing, claims processing, verifications, reimbursement, and other transactions. 

The Change Healthcare data breach could impact 1 in 3 Americans. More than 3 months after the incident, many Change Healthcare services have been partially or fully restored, but work continues on some services. 

On April 12, 2024, the Kaiser Foundation Health Plan notified the US government of a data breach affecting 13.4 million people. Rather than a cyberattack, in this case, PHI was shared with 3rd-party entities via tracking code embedded in the insurance company’s web pages and mobile app, violating HIPAA privacy laws. 

The information shared includes member names, IP addresses, sign-in and activity data, and health encyclopedia search terms. Kaiser has since removed the tracking code.

A cyberattack on May 8, 2024 caused Ascension system outages that disrupted operations at numerous Ascension hospitals nationwide. Outages interrupted Hospital EHR access, Ascension pharmacy processing, and patient access to portals.

Ascension is working with cybersecurity experts to restore network operations safely. According to Ascension’s website, partners and vendors have started reconnecting, and patients and clinicians should “see progress across our points of care” the week of May 27.

These are smaller yet still significant healthcare cyberattacks that have occurred so far this year.

On January 24, 2024, an attacker attempted to encrypt the GHC-SCW computer system. Encryption was unsuccessful, but the attacker managed to copy files containing the protected personal information, including social security numbers, of 533,809 individuals.

This 13-office Indiana group practice detected unauthorized network activity on February 17, 2024. The attacker sent messages threatening to expose sensitive patient information. Forensics indicate the attacker likely never accessed patient records, but a breach impacting 316,802 people can’t be ruled out. 

Ernest Health operates hospitals and rehabilitation facilities in 13 states. In February, the organization identified unauthorized activity that occurred from January 16 to February 4, 2024. The attackers accessed the personal and medical information of at least 101,413 individuals.

Cybercrime poses a serious threat to healthcare organizations of any size. Even a “minor” data breach can have severe consequences, while a major attack could be devastating.

As seen with Change Healthcare, large interconnected systems can deliver the fallout from an attack right to the door of smaller practices. Attacks on large entities can also expose common healthcare cybersecurity vulnerabilities, encouraging threat actors to exploit them in practices lacking large companies' protection level. 

Any breach of healthcare data security poses a significant risk to patient privacy. Unauthorized access to PHI can lead to identity fraud, public exposure of personal details, financial theft, and other crimes. Failure to protect patient privacy can cause patients to lose trust in your practice.

A data breach may lead to financial losses caused by delayed payments, expensive workarounds, legal fees, and remediation costs. Additionally, loss of patient trust can impact retention, resulting in reputational damage that discourages new business, increasing financial instability.

The 2024 incidents underscore the interconnected nature of the healthcare ecosystem and the critical importance of proactive cybersecurity measures. Robust security is essential to safeguard sensitive patient information and maintain operational integrity.

The 2024 incidents illuminate common vulnerabilities such as weak password protocols, outdated software, insufficient encryption, and lack of staff education. Cybercriminals use hacking methods to exploit these weaknesses, including:

The good news is that the recent cyber incidents reveal priority actions you can take to strengthen your practice’s defenses. 

Cybersecurity in healthcare requires a comprehensive strategy. Protect your practice with a robust defense that includes: 

Adopt effective IT security measures, including:

A simple but highly effective IT measure is using strong passwords that are difficult to replicate.

Create a “culture of cybersecurity awareness” by scheduling regular training sessions emphasizing best practices. Essential topics include device security, recognizing phishing attempts, and reporting suspicious activity. 

Performing regular audits helps identify security gaps and areas for improvement. Scheduling routine software updates and timely hardware maintenance keeps network equipment secure. 

An incident response plan outlines clear steps to identify, contain, and recover from a cyber incident, including downtime protocols. Review the plan regularly and update it as cyber threats evolve. 

Three major cyberattacks in 2024 have exposed a critical need to boost cybersecurity in healthcare. Fortunately, proactively implementing robust security measures can significantly improve your practice’s protection and help mitigate the impact of a cyberattack. 

Tebra’s ONC-certified platform for independent practices supports robust data security. Learn more in a free demo today.