Healthcare ransomware attacks shift from hospitals to vendors: Report

Ransomware attacks on U.S. healthcare businesses have increased in 2025, even as incidents targeting hospitals and clinics declined, according to a new report from Comparitech published Oct. 9.

Here are five key findings from the report:

1. From January through September, 257 ransomware incidents were recorded across U.S. healthcare providers and related businesses, up slightly from 252 during the same period in 2024, Comparitech found.
2. Attacks on healthcare businesses — including technology vendors, pharmaceutical firms and billing providers — rose 51%, from 43 to 65. Attacks on hospitals and other care providers dropped 8%, from 209 to 192.
3. Comparitech researchers said the shift may reflect growing security awareness among hospitals following a string of high-profile attacks in recent years, such as the 2024 breach at St. Louis-based Ascension, which is headquartered in St. Louis, that exposed data from nearly 5.6 million patients.
4. Among confirmed U.S. incidents, Comparitech said the average ransom demand was $514,000 for healthcare providers and $532,000 for healthcare businesses.
5. The INC and Qilin ransomware strains were among the most active in healthcare attacks, with INC responsible for the most confirmed incidents against providers and Qilin leading among healthcare businesses.

The post Healthcare ransomware attacks shift from hospitals to vendors: Report appeared first on Becker’s Hospital Review | Healthcare News & Analysis.