While ransomware groups have not spared any industry, attackers have put the healthcare sector at the top of their preferred targets. The surge in hospitals falling victim to breaches has raised concerns among regulators and government officials who have moved to push through new policies and legislation.
CommonSpirit, one of the largest nonprofit healthcare systems in the US, posted a privacy breach notice on Dec. 1, warning that 623,774 patient records were exposed after a breach on Sept. 16. The nationwide network of 140 hospitals and over 1,000 care facilities in 21 states confirmed that ransomware attackers accessed the patient records, but said there is currently no evidence that personal information was misused.