Cybersecurity Vulnerabilities in North American Healthcare Systems
Canada's healthcare sector is facing significant cybersecurity challenges as it undergoes rapid digital transformation, with a recent report highlighting increased exposure to ransomware, data theft, and operational disruptions. The Pulse Check: Cybersecurity in Healthcare in Canada report, launched at the InCyber Conference in Montreal, reveals that one in three Canadian healthcare institutions experienced an attempted ransomware attack in the past year. Hospitals and health authorities are particularly vulnerable to threats such as phishing, insider attacks, and exploitation of legacy systems. The report emphasizes that the issue is not solely technological but also cultural, underscoring the need for workforce readiness and cross-sector collaboration to strengthen cyber resilience. Medical device manufacturers and provincial regulators are urged to adopt a holistic approach to risk, integrating data privacy and operational continuity with patient care. Canadian cities like Montreal, Toronto, and Calgary are emerging as leaders in cybersecurity innovation, fostering talent and research to protect public institutions. Targeted ransomware campaigns against Canadian hospitals have surged since 2023, often perpetrated by organized criminal groups exploiting underfunded infrastructure. Meanwhile, in the United States, a report from the Department of Health and Human Services' Office of Inspector General (HHS OIG) found that Medicaid management and enrollment systems in nine states and Puerto Rico have generally effective controls against basic cyberattacks but remain vulnerable to more sophisticated threats. Penetration testing conducted between 2020 and 2022 revealed that while some attacks are thwarted, improvements are necessary to defend against advanced tactics. State Medicaid systems are increasingly targeted due to the sensitive data they hold, with a rise in ransomware, phishing, and denial-of-service attacks posing significant risks. At least six U.S. states have reported major breaches of Medicaid systems between 2012 and 2023, highlighting the persistent threat landscape. Both Canadian and U.S. healthcare sectors are grappling with the dual challenge of modernizing digital infrastructure while addressing evolving cyber threats. The reports stress the importance of integrating cybersecurity into every aspect of healthcare operations, from frontline staff awareness to regulatory oversight. The growing sophistication of cybercriminals necessitates continuous investment in security measures and workforce training. Collaboration between public and private sectors is identified as a key factor in building resilient healthcare systems. The findings underscore that patient safety is intrinsically linked to robust cybersecurity practices. As healthcare organizations become more interconnected, the potential impact of cyber incidents on patient care and data privacy increases. The reports call for urgent action to address security gaps and foster a culture of cyber vigilance across the healthcare ecosystem. Both countries are urged to prioritize cybersecurity as a fundamental component of healthcare delivery. The ongoing digital transformation presents both opportunities and risks, making proactive security strategies essential for safeguarding critical infrastructure. The convergence of technological, human, and regulatory factors will determine the resilience of North American healthcare systems against future cyber threats.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
SC World highlights cybersecurity risks facing Canadian healthcare infrastructure
SC World published an analysis describing Canada's healthcare sector as a vulnerable digital infrastructure environment requiring stronger cybersecurity protections. The reference is a thematic assessment rather than a discrete incident, so the publication date is used as the event date.
HHS watchdog flags Medicaid IT security gaps in some states
A U.S. Department of Health and Human Services watchdog report identified information security weaknesses affecting Medicaid systems in some states. The reference indicates this finding was publicly reported by October 2025, but provides no more specific event date.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Cybersecurity Risks in Healthcare Software and Hospitals
Healthcare organizations remain under sustained cyber pressure, with **764 incidents reported in 2025** versus 749 the previous year, according to French health-sector reporting cited by *ZDNet*. A national survey of healthcare executives found that **15% of facilities** said they had experienced a cyber incident causing disruption since 2022, while leadership concerns in a crisis center on **continuity of care**, financial impact, and staff working conditions. The reporting indicates cyber risk is now treated as a governance issue rather than only a technical one, but resource constraints and the need to strengthen hospital information systems remain major obstacles. Germany’s **BSI** separately warned that software security in the healthcare sector is still inadequate after testing standard configurations of several medical and practice-management applications. In that review, **three of four** examined practice management systems contained chains of weaknesses that could have enabled **internet-based attacks**, including the use of outdated encryption algorithms; vendors were notified and reportedly remediated the issues. A separate *ZDNet* article about manipulation of online payment flows at Spanish hotels concerns a **different incident** in the payment sector and is not part of the healthcare story.
May 24, 2026
Multiple Healthcare Data Breaches and Regulatory Actions in the US
Several healthcare providers in the United States have recently disclosed significant data breaches resulting from cyberattacks, with patient and employee information being compromised. AllerVie Health, based in Texas, confirmed unauthorized access to its network, exposing sensitive data such as names, Social Security numbers, and insurance details, allegedly due to a ransomware attack by the Anubis group. The attackers claim to have stolen records of over 30,000 patients, and affected individuals have been offered credit monitoring and identity theft protection. In a separate incident, OrthopedicsNY, a healthcare provider in New York, suffered a breach in 2023 after attackers gained remote access using compromised credentials, leading to the exposure of data belonging to more than 650,000 patients and employees. The New York Attorney General secured a $500,000 penalty from OrthopedicsNY for failing to implement adequate security measures, and the provider is now required to enhance its data protection practices. Additionally, Singing River Health System in Mississippi reported a cyber incident that led to the temporary shutdown of its patient portal and internet access as a precaution. While the threat was reportedly mitigated, the investigation is ongoing to determine if patient records were accessed. These incidents highlight the ongoing risks faced by healthcare organizations from ransomware groups and other cybercriminals, as well as the increasing regulatory scrutiny and financial penalties for failing to protect sensitive health information. Impacted organizations are responding with offers of credit monitoring and reviews of their security policies, but the breaches underscore the need for robust cybersecurity measures in the healthcare sector.
Mar 21, 2026
Cyberattack Trends and Impact on Healthcare and African Organizations
African organizations have remained the most targeted globally for cyberattacks, experiencing more than 3,000 attacks per week over recent months, according to data from Check Point Research. Despite a 10% decline in attacks in September, Africa continues to lead the Global South in cyberattack frequency, with regions such as East and West Africa accounting for a significant portion of reported cybercrimes. The persistent high attack rate is attributed to factors such as limited national-level cyber defense measures, insufficient regulatory frameworks, and a lack of widespread cybersecurity education among corporate employees. Interpol reports that nine out of ten African countries lack the legal and investigative capabilities necessary to effectively combat the surge in cybercrime, further exacerbating the region's vulnerability. The disparity in attack frequency between Africa and regions like North America and Europe is stark, with the Global South experiencing roughly double the number of weekly cyberattacks. Policy measures and increased law enforcement efforts may be contributing to the recent decline, but experts caution that this trend may not be sustainable without continued investment in cybersecurity infrastructure and education. The impact of these attacks is not limited to operational disruptions; they also have significant economic and social consequences, straining already limited resources and undermining trust in digital systems. In the healthcare sector, cyberattacks have had a direct effect on patient safety and care delivery, with 93% of U.S. healthcare organizations reporting at least one cyberattack in the past year. These attacks, which include ransomware, cloud account compromises, and supply chain intrusions, have led to delayed procedures, longer hospital stays, and in some cases, poorer patient outcomes. Financially, the average cost of the most damaging cyber incident in healthcare was reported at $3.9 million, with operational disruptions being the largest expense. Human error remains a significant driver of breaches, highlighting the need for improved cybersecurity awareness and training. Healthcare leaders are advised to focus on foundational controls such as vulnerability management and network segmentation to reduce risk, even when resources are limited. Investing in user-centric security controls and fostering a culture of cybersecurity awareness are critical strategies for both African organizations and healthcare providers globally. The ongoing threat landscape underscores the importance of aligning cybersecurity investments with the protection of people and data, as well as the need for robust legal and investigative frameworks to deter and respond to cybercrime effectively.
Mar 21, 2026