Cyberattacks Increasingly Linked to Patient Care Disruptions 


72% of Healthcare Organizations Report Patient Care Disruption Due to Cyberattacks 

Cyberattacks in healthcare reach far beyond IT systems. The latest report from Proofpoint and the Ponemon Institute reveals that these incidents increasingly disrupt patient care. 

The fourth annual study, Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care 2025, surveyed 677 U.S. healthcare IT and cybersecurity professionals. It found that cyber threats are not just limited to data loss or downtime—they can directly influence clinical safety and outcomes. 

Over the past year, 93% of healthcare organizations experienced at least one cyberattack, averaging 43 incidents per organization. As more providers move to digital and cloud-based systems, the connection between cybersecurity and clinical continuity is becoming even more apparent. 

Impact on Clinical Operations 

Nearly three in four (72%) healthcare organizations that experienced a cyberattack in the past year reported an impact on patient care, up from 69% the previous year. The findings indicate that system disruptions can extend beyond IT downtime to influence clinical workflows and treatment delivery. Among affected organizations:

  • 54% reported more medical procedure complications 
  • 53% saw longer patient stays 
  • 29% reported higher mortality rates associated with cyber events 

Attack Types and Trends 

Ransomware incidents remained a significant concern, often leading to longer hospital stays and patient transfers. The report identified several other types of attacks contributing to patient care disruption: 

  • Supply chain attacks caused the highest rate of disruption (87%), though they occurred less frequently than in 2024. 
  • Business email compromise (BEC) was linked to delayed tests and procedures (65%). 
  • Cloud and account compromises were most common, affecting 72% of respondents; 61% of these organizations reported increased complications, and 36% reported higher mortality rates. 

Human Factors and Insider Risk 

Earlier this year, the 2025 Verizon Data Breach Investigations Report also showed that the human element was a factor in roughly 60% of breaches. One of the most prominent examples occurred in May 2024, when an employee accidentally downloaded a malicious file they thought was legitimate, leading to the Ascension ransomware attack.

Human behavior continues to play a key role in cybersecurity incidents. Nearly all respondents to the recent study experienced at least two data loss or exfiltration events in the past two years, averaging 18 per organization. Over half of these incidents disrupted care or led to delayed procedures. Primary causes included: 

  • employee failure to follow policies 
  • privileged access abuse  
  • employees unintentionally sending PII or PHI to the wrong recipient via email 

Organizational Capacity and Leadership 

Despite rising investment in cybersecurity, staffing and governance remain key challenges: 

  • 43% cited a shortage of skilled cybersecurity professionals. 
  • 40% identified unclear leadership or strategy ownership. 
  • Budget limitations were reported by 37%, slightly lower than last year. 

Artificial Intelligence and Healthcare Data Protection 

As healthcare organizations advance digital transformation and adopt AI-driven tools, maintaining strong cybersecurity practices remains essential to safeguard patient safety and operational continuity.  

  • 57% of respondents reported using AI, with 30% applying it to cybersecurity and 27% to both cybersecurity and patient care. 
  • 55% said AI has been effective for strengthening cyber defenses. 
  • 60% cited data protection challenges within AI systems.
  • 38% identified generative AI tools as a new area of risk. 

View our recent articles about ambient scribes and OS agents to learn how these AI tools can be used effectively without compromising PHI.

The Joint Commission and the Coalition for Health AI (CHAI) issued their first joint guidance on the responsible use of AI in healthcare in September, outlining principles to help hospitals and health systems adopt the technology safely.

Enhance Your Cybersecurity Posture 

PrivaPlan Associates is a trusted partner in navigating the complex world of compliance in information technology, privacy, and security. We can help you enhance your organization’s cybersecurity posture. 
