Cyberattacks exposed over 276 million patient records in 2024, with 8 in 10 Americans having some form of medical data stolen, according to a report published this week by Check Point.
Ninety-two percent of healthcare organizations dealt with at least one cyber-attack in 2024, including a particularly sophisticated phishing campaign that has been active since at least March 20, 2024, that impersonates medical service providers, such as Zocdoc, and involves allusions to fabricated medical clinics.
The parties behind the attacks aim to steal sensitive employee and customer data, according to Check Point, as healthcare data can independently command premium prices on the dark web.
Healthcare organizations are advised to take action by implementing advanced filtering systems, educating employees about healthcare organization impersonation attempts, establishing phishing monitoring and response protocols and ensuring that employees' mobile devices are protected with cyber security software that can block phishing attempts.