In 2024, a staggering 183 million patient records were compromised globally, marking a nine percent increase from the previous year, according to the Horizon Report 2025. This concerning trend raises questions about the healthcare sector’s ability to adequately protect itself against ransomware attacks.
To delve deeper into this issue, Absolute Security, a leading security provider, conducted an analysis of over a million endpoints in the healthcare industry. The findings revealed several key security gaps:
Missing or Non-Compliant Security Controls: Shockingly, on 15 percent of the PCs analyzed, critical security controls either did not align with internal security and risk policies or were absent from the device altogether. The controls assessed were basic security solutions such as Data Protection, Endpoint Protection Services (EPP/XDR), Security Service Edge (SSE), VPN, and Vulnerability Management. These results underscore the fact that PCs and networks in the healthcare sector often lack a crucial first line of defense that can thwart attackers and exploits.
Delayed Patches: On average, Windows endpoints in healthcare facilities are 48 days behind on critical security patches. The analysis highlighted that unpatched vulnerabilities are a primary cause of security breaches and ransomware infections. The failure to maintain basic security hygiene puts organizations at risk of data breaches and prolonged, disruptive outages.
Shadow AI Risks: The use of artificial intelligence (AI) is on the rise, with healthcare professionals frequently accessing ChatGPT and other generative AI platforms that are not compliant with the Health Insurance Portability and Accountability Act (HIPAA). This raises concerns about potential risks to patient data and violations of regulatory standards, and it also indicates a lack of oversight of shadow AI use. While HIPAA is primarily a U.S. law, it may also be pertinent to German companies processing or accessing health data from the United States.
Thomas Lo Coco, Sales Manager Central Europe at Absolute Security, emphasized the gravity of the situation, stating that ransomware groups exploit vulnerable endpoints to disrupt operations and steal sensitive patient data. He also pointed out the increasing compliance risks faced by healthcare organizations struggling to maintain robust security controls and monitor AI-related threats. Lo Coco recommended a proactive resilience approach to help hospitals, clinics, and healthcare providers close security gaps, avoid regulatory violations, and swiftly recover after a cyberattack or IT incident.
In conclusion, the healthcare sector must prioritize cybersecurity measures to safeguard patient data, mitigate risks, and maintain compliance with regulations. By addressing the identified security gaps and staying vigilant against evolving threats, organizations can fortify their defenses and protect the integrity of their operations.