The rise in hospital and health system cyberattacks is adding to the financial pressures many organizations are still facing due to the COVID-19 pandemic, Bloomberg reported June 23.
According to John Riggi, the national adviser for cybersecurity and risk at the American Hospital Association, 2023 is set to have more widespread attacks than 2022, as healthcare facilities have faced 266 digital incursions affecting 36 million individuals this year.
Cyberattacks on hospitals have also tripled in the past five years and are increasingly becoming more sophisticated.
These attacks are costly, and come at a time when hospitals and health systems are dealing with slimmer margins, higher costs and staffing shortages.
Becker's reported that several hospitals and health systems have faced financial repercussions due to data breaches and cyberattacks.
For instance, Chicago-based CommonSpirit upped its current estimate of losses stemming from a cyberattack in October to $160 million when it released first-quarter results May 15.
The original cost was estimated at $150 million, although the health system said it expects to recover most of the expenses.
Other health systems like Worcester-based UMass Memorial Medical Center and Altamonte Springs, Fla.-based AdventHealth have faced lawsuits for cyber incidents, requiring them to pay to resolve them.
UMass Memorial Medical Center paid $1.2 million to settle a March 2022 lawsuit regarding a data breach of its payroll management system Kronos, while AdventHealth agreed to pay $500,000 to settle a data breach lawsuit alleging that the health system failed to protect patients' confidential information after a September 2021 data breach.