Cyberattacks can be enormously disruptive to hospital infrastructure and services.

Since the start of 2023, 15 healthcare systems operating 29 hospitals have been targeted by a ransomware incident, BankInfoSecurity reported May 31. 

Several health systems have faced financial repercussions due to data breaches and cyberattacks. Here are is how much three health systems are paying to dispute them:

Lancaster, Wis.-based Grant Regional Health Center is notifying 4,135 patients that some of their protected health information may have been compromised when an unauthorized party accessed one of its employee email accounts. 

A breach at medical billing company MedInform has compromised the data of Cleveland Clinic patients.

Two Idaho Falls, Idaho-based hospitals and partnering clinics reported a cyberattack on computer systems May 30.

Louisville, Ky.-based Norton Healthcare said it is still investigating a May 9 cyber event, but that it is getting closer to resuming operations that have been affected by it. 

An updated guide to help hospitals and healthcare facilities prevent ransomware attacks and subsequent data extortion tactics was rolled out May 24 by a Cybersecurity and Infrastructure Security Agency and FBI task force. 

The Royal ransomware group has claimed responsibility for a cybersecurity incident affecting Morris (Ill.) Hospital & Healthcare Centers, DataBreaches.net reported May 25.

Adam Rosen, chief information security officer at Buffalo, N.Y.-based Roswell Park Comprehensive Cancer Center, said that as hospitals and health systems continue to expedite their use of artificial intelligence, it could become another tool used as a threat against them, Buffalo Business First reported May 24. 

Morris (Ill.) Hospital & Healthcare Centers said an unauthorized third party has gained access to its computer network, which has potentially compromised the protected health information of patients.

CIOs and chief information security officers are trimming cybersecurity budgets that were once thought to be untouchable to deal with economic pressures, The Wall Street Journal reported. 

The New York attorney general's office recouped $550,000 from New York medical company Professional Business Systems — doing business as Practicefirst Medical Management Solutions and PBS Medcode Corp. — for failing to protect consumers' health records.

Louisville, Ky.-based Norton Healthcare said it is continuing to work through a backlog of MyChart messages as well as delays in network-related capabilities after a cyber event forced it to temporarily shut down its email and internet access, WDRB reported May 23.

A Lehigh Valley Health Network patient, whose breast cancer treatment photos were posted to the dark web by a Russian ransomware gang after a cyberattack at the health system, is trying to keep her lawsuit against the Allentown, Pa.-based system alive, Law360 reported May 22. 

Osceola, Iowa-based Clarke County Hospital is notifying current and former patients that some of their protected health information may have been compromised after an unauthorized third-party accessed its network. 

Here are 10 hospitals and health systems dealing with cybersecurity events, data breaches and cyberattacks as reported by Becker's since May 16:

Amazon's PillPack is notifying consumers that an unauthorized person took customer emails and passwords to log into 19,032 PillPack accounts.

The CEO who had to shut down his Tennessee medical center to deal with a cyberattack said it was one the hardest things he's ever had to do in healthcare, WKRN reported.

A North Carolina radiology group is suing its cyber insurance carrier after its coverage lapsed two days before it suffered a ransomware attack, The Wall Street Journal reported May 18.