
The critical state of digital security in the US healthcare system: 65% of the largest US healthcare institutions have recently been victims of a data breach, and 98% have had at least one breach in the past.
An analysis of the digital security of the 100 largest US hospitals and healthcare systems produced shocking results: 79% of institutions received a D or F rating for cybersecurity. This indicates the presence of critical vulnerabilities in the majority of institutions, including SSL/TLS configuration errors, the use of compromised passwords and phishing vulnerabilities.
The most common problems include incorrect SSL/TLS configuration (detected in 100% of cases) and problems with hosting systems. 77% of healthcare institutions had lost staff credentials, and 30% experienced critical technical shortcomings. Only 5% of hospitals demonstrate a high level of security. The worst situation is observed in the Western states, where the average score is only 65 out of 100, while in the South and Midwest it is 73-74. Texas, Florida and North Carolina lead in the number of institutions with large-scale data breaches.
In 2024, data breaches in the US healthcare sector reached a record high of 276 million records, which is equivalent to 81% of the country’s population. This is 64% more than in the previous year. Against the background of these threats, Cybernews developed the Business Digital Index, a tool for assessing risks in seven key areas, including email security, software patching, system reputation and leak history. The methodology is based on open source analysis, domain and IP address scanning, as well as data from IoT search engines.
The US healthcare system is on the verge of a digital disaster. In an era where personal medical data has become a strategic target for attackers, hospitals have been left massively unprotected. Without radical changes and a centralized digital strategy, patients will remain vulnerable to attacks and blackmail.