A new Sophos report warns that ransomware gangs like INC Ransom, Qilin, and RansomHub are driving a sharp rise in attacks on hospitals and clinics, including high-profile breaches that have disrupted care for tens of thousands of patients. Extortion-style intrusions—where attackers quietly steal data before demanding payment—have tripled since 2023, making healthcare the hardest-hit critical-infrastructure sector. Experts say the industry remains vulnerable because lifesaving care takes priority over cybersecurity, creating opportunities for groups that have already caused patient diversions, service shutdowns, and even contributed to deaths. Still, the report highlights progress: more providers are recovering within a week, fewer are paying ransoms, and regular rehearsals of incident-response plans are helping organizations turn crises into manageable events.

Download the Sophos report from CyberLab: