Toggle light / dark theme

A new study led by researchers from Michigan State University, Yale University and Johns Hopkins University reveals that ransomware attacks—which involve a hacker putting encryption controls into a file and then demanding a ransom to unlock the files—have become the primary driver of health care data breaches in the United States, compromising 285 million patient records over 15 years.

Published May 14 in JAMA Network Open, the study provides the first comprehensive analysis of ransomware’s role in health care breaches across all entities covered by privacy laws—hospitals, physician practices, and data clearinghouses—from 2010 to 2024.

“Ransomware has become the most disruptive force in health care cybersecurity,” said John (Xuefeng) Jiang, Eli Broad Endowed Professor of accounting and in the MSU Broad College of Business and lead author of the study. “Hospitals have been forced to delay care, shut down systems and divert patients—all while sensitive patient data is held hostage.”

Leave a Comment

If you are already a member, you can use this form to update your payment info.

Lifeboat Foundation respects your privacy! Your email address will not be published.