Cybersecurity Threats Surge in Healthcare Sector: Report Highlights Alarming Trends

A new report reveals that the healthcare sector is facing an unprecedented wave of cybersecurity attacks, with significant implications for patient data security. The findings indicate that healthcare and pharmaceuticals accounted for a substantial share of cyber incidents in India, with hospitals becoming prime targets for data theft and extortion. The report highlights the severe impact of ransomware and the permanence of patient records, making them highly valuable in underground markets. As cyber threats continue to evolve, the healthcare industry must prioritize robust cybersecurity measures to protect sensitive information and ensure patient safety.

By Narendra Chaudhary Mar 23, 2026, 15:18 IST

Cybersecurity Attacks on Healthcare Reach Alarming Levels

New Delhi, March 23: A recent report indicates that the healthcare industry has been the primary target of cybersecurity breaches, with the education and manufacturing sectors collectively accounting for nearly 47% of all cyber incidents detected in India from October 2024 to September 2025.

According to findings from Seqrite, the cybersecurity division of Quick Heal Technologies Ltd., the healthcare and pharmaceutical sectors alone experienced approximately 3.79 million cyberattack detections, representing a significant 14.24% of the total incidents in the nation.

The report highlights that hospitals and clinics in India have faced a continuous barrage of cyber threats, making their networks prime targets for data theft, extortion, and operational disruptions.

It emphasizes that environments rich in data and constantly connected have become attractive targets for cybercriminals.

Nearly 70% of the attacks were attributed to Trojans and file infectors, while remote access Trojans and loader-based malware were specifically used to compromise pharmaceutical research and development data, indicating motives of espionage and intellectual property theft.

Although ransomware accounted for less than 1% of total detections, its operational impact was disproportionately severe. Ransomware incidents peaked in January 2025, with over 0.81 million detections and 185 reported incidents. Many of these attacks exploited phishing, cracked software, exposed remote desktop services, or supply chain vulnerabilities, which are also common methods for breaching hospital information systems and disrupting patient care.

The report elaborates that unlike payment information, which can often be reset, patient records are permanent. Medical histories, diagnostic reports, prescription records, insurance details, and personally identifiable information cannot simply be 'reissued' after a breach.

This permanence renders healthcare data extremely valuable in underground markets and extortion schemes, where stolen records can be weaponized for blackmail, fraud, and long-term profiling.

Furthermore, the report warns that a compromised radiology system could delay critical diagnoses. "Manipulated lab results can adversely affect treatment decisions. Exfiltrated clinical trial data can jeopardize years of research investment," it cautioned.