Hacking Your Health: Can Your Electronic Health Record be Hacked?

July 29, 2022

By: Christopher A. Iacono , Rebeca Himena Miller

Takeaway: With ransomware attacks increasing over the past few years, healthcare organizations can expect hackers to make ransom demands while holding their computer systems hostage.


Everything comes back in style. In the 90s, computer hackers learned how to infiltrate networks, hold them hostage, and demand payment to make them functional again.  Recently, this strategy has resurged in the healthcare industry, potentially placing people’s lives at risk.

From 2021 to 2022, the number of ransomware attacks on healthcare organizations skyrocketed by 94%. This resulted in two-thirds of healthcare organizations in the U.S. experiencing some form of a ransomware attack in 2021, up from 34% in 2020. According to cybersecurity experts, ransomware attacks on healthcare organizations were always common. But it is the increase in frequency and severity of these attacks now that is worrisome.

These attacks can have devastating consequences.  Most recently in San Diego, California, treatments at a chemotherapy facility were delayed and, at another healthcare facility, ambulances were diverted from the emergency room after computer systems were frozen by an attack. In 2021, the first lawsuit alleging “death by ransomware” occurred where a mom sued a hospital for fatal brain damage to her newborn after heart rate monitors failed because of an attack.

Healthcare facilities are high-profile targets because attackers know the facilities are willing to pay high ransoms to safeguard people’s lives. In fact, 61% of healthcare organizations paid attackers ransom to resolve a ransomware attack in 2021.

Most of these attacks are carried out by private criminal groups. Conti, a crime syndicate out of Russia, was traced back to 30% of ransomware attacks in 2021. And just two weeks ago, the FBI revealed in June that it successfully thwarted an attack from Iran on a children’s hospital in Boston.

As this unsophisticated tactic of the recent past resurfaces, organizations that utilize or transmit private health information must ensure that they are prepared. This may include implementing more comprehensive security systems, conducting employee training, or revamping their data security policies to minimize the threat of data breaches.

Here are additional articles about the latest health system data breaches:

News & Events

Related News

24 Pietragallo Lawyers Named in 2022 Pennsylvania and Florida Super Lawyers and Rising Stars
May 23, 2022
Pietragallo is pleased to announce that 24 lawyers have been named as 2022 Super Lawyers and Rising Stars, including partner Marc Raspanti who was recognized in the Top 100 in Pennsylvania and Philadelphia. Read More
24 Pietragallo Lawyers Named in 2021 Pennsylvania Super Lawyers and Rising Stars
June 9, 2021
Including Recognition in Top 100 in Pennsylvania and Top 100 In Philadelphia Pietragallo Gordon Alfano Bosick & Raspanti, LLP is pleased to announce that 24 attorneys have been named as 2021 Super Lawyers and 2021 Rising Stars, including two attorneys who were also recognized in the Top 100 in Pennsylvania and Top 100 in Philadelphia. Read More
View More News & Events