183 million patient records exposed in 2024, cyber threats escalate: Fortified Health Security

TENNESSEE, UNITED STATES — Fortified Health Security, a leader in healthcare cybersecurity, has released its 2025 Horizon Report, unveiling critical insights into the escalating cyber threats facing the healthcare sector.
The report, a trusted resource since 2017, highlights alarming data breach trends and offers expert-backed strategies to bolster cyber resilience.
Data breaches surge in 2024
The report reveals a troubling 9% increase in exposed patient records, rising from 168 million in 2023 to 183 million in 2024. Business Associates, though accounting for fewer attacks than the previous year, were responsible for 67% of all exposed records.
Meanwhile, Healthcare Clearing Houses saw a staggering 2,000% surge in cyberattacks, underscoring their growing vulnerability.
Phishing attacks also spiked, with email breaches increasing by 18%, solidifying phishing as a preferred tactic for cybercriminals. Network servers remained the most common breach target.
“2024 was a challenging year for cybersecurity among healthcare organizations,” said Dan Dodson, CEO of Fortified Health Security. “Mega breaches like Change Healthcare—the largest ever reported in the United States—sent shockwaves through the industry.”
AI and financial pressures add to cybersecurity struggles
The Horizon Report identifies artificial intelligence (AI) as both an opportunity and a risk for healthcare cybersecurity. As hospitals increasingly integrate AI into operations, they face new attack vectors while navigating financial constraints and talent shortages.
“As we enter 2025, the healthcare sector will be confronted with a rise in cyberattacks, strict legislative regulations and the ongoing enhancement of AI,” Dodson noted in the report.
“There are no ‘one-size-fits-all’ answers to confronting these challenges. That is why collaboration is critical to safeguarding cybersecurity risks.”
Expert guidance on building cyber resilience
Fortified’s Horizon Report features contributions from cybersecurity leaders like Paul Connelly and offers actionable advice on managing third-party risks and securing critical infrastructure. The report emphasized lessons learned from high-profile breaches such as Change Healthcare and provides strategies to navigate the evolving threat landscape.
The report also urged healthcare organizations to prioritize cybersecurity investments and foster collaboration to protect sensitive patient data from increasingly sophisticated attacks.
“With the Horizon Report, we aim to chart a path forward for healthcare organizations by gathering the latest expert insights and best practices for cyber resilience,” Dodson added.
Fortified Health Security’s findings underscore the urgency of addressing these challenges as cyber threats continue to grow in scale and complexity.