Ransomware attacks have exposed the records of more than 11,000 patients in Arizona and cost health care providers up to $4.2 million, according to researchers.
Researchers at Comparitech gathered information on ransomware attacks targeting the health care industry nationwide since 2016 to try to understand trends and how large the issue has become.
Ransomware is malicious software that takes control of a target’s computer systems unless certain demands are met.
Researchers were somewhat restricted in their evaluation, as the U.S. Department of Health Services only publishes data breaches that affect more than 500 people.
“Due to the limitations with uncovering these types of breaches, we believe the figures only scratch the surface of the problem,” Comparitech said in its blog detailing the findings.
Comparitech found that, since 2016, Arizona health care companies have been victims of three ransomware attacks that affected 11,828 patient records.
Researchers estimated that this would have created downtime costs ranging between $2.75 million and $4.2 million.
The good news for Arizona residents is that Arizona companies were attacked less than other states, and only 0.16% of Arizona residents were affected.
However, as noted by Ars Technica, the health care industry has been struggling to keep up with this burgeoning risk.
In 2019, data breaches cost the health care industry $4 billion, and an economic impact report commissioned by the Health System Alliance of Arizona found that hospitals employ 7% of the state’s total 2.9 million workers.
“With hospitals and other health providers often being seen as ‘easy targets’ for hackers, ransomware will continue to be a growing concern for organizations and patients alike,” researchers said.