AI and the Rising Tide of Healthcare Cyberattacks

Steve Alder of The HIPAA Journal reports on a survey that shows nearly half of healthcare organizations worldwide experienced at least one cybersecurity incident between March 2024 and March 2025.

Netwrix, which surveyed more than 2,100 IT professionals across 121 countries for its 2025 Cybersecurity Trends Report, found that the healthcare industry continues to face mounting financial and operational risks from cyberattacks, particularly ransomware and phishing.

Healthcare is a top target because patient records are lucrative on the black market, and because downtime can endanger lives. Over the past year, 48% of healthcare entities reported security breaches requiring dedicated response efforts.

The financial toll has grown sharply: in 2025, 12% of healthcare organizations suffered cyberattack-related losses exceeding $500,000, up from just 2% the prior year.

This figure is double the cross-sector average, confirming healthcare’s disproportionate exposure to costly attacks.

Netwrix’s data indicates that attackers are increasingly exploiting AI tools to craft more convincing phishing and social engineering campaigns. Thirty-seven percent of respondents reported that AI-driven threats compelled them to enhance their defenses.

A significant portion of organizations have yet to implement AI-based security measures.

Phishing remains the leading cause of incidents in both cloud and on-premises environments, followed by account compromise and ransomware. As operations migrate to the cloud, attackers are expanding their reach, targeting critical workloads that store sensitive information.

These findings point to urgent priorities for legal teams advising healthcare clients. Chief among them are reinforcing identity infrastructure, applying zero-trust principles, and ensuring proper governance over AI-enabled tools.

The report’s data shows that automation and proactive defense, rather than reactive recovery, must form the foundation of future cybersecurity strategies in healthcare.