« Information Technology
  

Report Sheds Light on Cyberattack and Data Breach Trends from 2024

Despite a slight decrease in data breaches from 2023, the volume of exposed data and records surged.

By Jeff Wardon, Jr., Assistant Editor


Cyberattacks continue to persist into 2025 for the healthcare industry, with almost daily reports of another incident occurring. The HIPAA Journal recently crunched the numbers and released its 2024 Healthcare Data Breach Report, providing insight into the trends and data concerning cyber incidents of the last year. 

In 2024, 725 large healthcare data breaches (involving more than 500 records) were reported to the Department of Health and Human Services (HHS), marking the third consecutive year with over 700 breaches, according to the report. This represents a slight 2.95 percent decrease from 2023. While the number of breaches plateaued, the volume of exposed records surged, reaching 275 million — a 63.5 percent increase from 2023. This spike was largely due to the Change Healthcare breach, which affected 190 million records. 

Similarly, Healthcare Facilities Today also reported on a large-scale ransomware attack on PIH Health in December 2024. This attack resulted in 17 million patient records being stolen, as claimed by the hackers, and halted operations across three of its hospitals. There was even a lawsuit brought against PIH Health that alleged the organization didn’t keep the sensitive data from the hackers. 

Related: Why Healthcare Organizations are Major Cyberattack Targets

Furthermore, hacking and IT incidents dominated, accounting for 81.2 percent of breaches and over 259 million compromised records. Ransomware attacks rose 278 percent from 2018 to 2023, though hacking incidents dipped slightly (2.8 percent) in 2024. Unauthorized access/disclosure incidents remained steady, but the records affected nearly doubled. Phishing was the primary entry point for ransomware (45 percent), followed by Remote Desktop Protocol (RDP) compromises (42 percent) and unpatched vulnerabilities (19 percent). 

Another significant cyberattack in the healthcare field was the Ascension ransomware attack, as Healthcare Facilities Today previously reported on. This was caused by an employee accidentally downloading a malicious file they thought to be legitimate.  

Network servers were the most common source of breaches, with email-related breaches also significant. Despite fewer breaches, the growing scale of compromised data highlights persistent cybersecurity vulnerabilities in healthcare. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



February 6, 2025


Topic Area: Information Technology , Security

Recent Posts

Barriers to Infection: Rethinking Mattress Cleaning

Laundering removable bed barriers provides a more effective, consistent and safer method for eliminating harmful bacteria compared to manual cleaning.

Over 1 Million Individuals Affected in Community Health Center Data Breach

No evidence of data misuse has been found so far.

Prospect Medical Holdings to Sell Crozer Health to Non-Profit Consortium

The sale includes Crozer Health’s operating assets, including all hospitals, ambulatory surgery centers, clinics and physician offices.

The Top States for Pest Infestations

Healthcare facilities are among the most popular locations for pest infestations.

Ground Broken on Wichita Biomedical Campus Project

The $172.5-million, eight-story, 350,000-square-foot building will be completed in 2026.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.