The Effect of Ransomware Attacks on US Hospitals and Adjacent Health Systems


As health care technology advances and cyberattack threats loom large, researchers aimed to assess the effect of ransomware attacks on US health systems.

Observing ransomware cyberattacks in California from 2014 to 2020, targeted facilities saw mean decreases in emergency department (ED) visits and inpatient admissions, while adjacent, unattacked hospitals experienced a mean increase in ED visits. It took hospitals that were attacked 8 weeks to return to preattack inpatient admission and ED visit rates.

“Ransomware attacks on hospitals involve hackers encrypting computer networks and demanding payment for their restoration, potentially disrupting the delivery of health care services. These incidents have been increasing in the US, especially since the COVID-19 pandemic. Between 2016 and 2021, more than 370 attacks occurred on US clinics, hospitals, and other health care organizations; the number of attacks doubled over this time,” wrote authors of the study published in JAMA.1

Key Takeaways

  • Researchers addressed several ransomware attacks across the US dating back to 2014 up until 2021.
  • Ransomware attacks on hospitals involve hackers encrypting computer networks and demanding payment for their restoration, potentially disrupting the delivery of health care services.
  • While these attacks doubled in the past decade, researchers have urged hospitals to boost cybersecurity and Congress to enact protections against threats of cyberattacks.

Indeed, the risk of cyberattacks on US health systems has grown increasingly concerning. This past February, Change Healthcare, a subsidiary of UnitedHealth Group, experienced an unprecedented ransomware attack affecting the health information of about a third of all Americans.2

In the attack, ransomware technology forced UnitedHealth to pay a $22 million ransom for the restoration of its systems. But the Change cyberattack is just 1 of several ransomware attacks reported nationwide in the past decade.

ransomware on digitized globe

Just this year, ransomware technology forced UnitedHealth to pay a $22 million ransom for the restoration of its systems. | image credit: darkfoxelixir /

In Abouk et al’s study, researchers identified 8 ransomware attacks leading to disruptions in 15 hospitals across California from 2014 to 2020. There were 355 unattacked hospitals, along with 82,359,450 ED visits and 23,475,497 inpatient admissions included in the study.1

Hospitals that were attacked saw a mean of 740.90 ED visits and 182.25 inpatient admissions the week before the ransomware was deployed. The week after each attack, the same hospitals saw a decrease of 8.10% for ED visits and a decrease of 8.16% for inpatient admissions. By the second week after the attacks, the decrease in ED visits reached 16.21% while the decrease in admissions reached 16.62%. It took 8 weeks for ED visits and inpatient admissions to reach their preattack levels.

As for the unattacked hospitals included in the study, 17 were nearby hospitals and another 20 belonged to the same hospital service area (HSA) as attacked hospitals. For these hospitals, ED visits increased for up to 4 weeks, but there were no significant changes in inpatient admissions.

With a decrease in admission for attacked hospitals and an increase in unattacked hospitals, researchers found that the effects of each ransomware attack were not solely experienced by the targeted hospital. Instead, adjacent and nearby hospitals and health systems were forced to shoulder an influx of patients affected by the cyberattacks.

READ MORE: Ascension Hospitals Face Disruptions from Suspected Cyberattack

Authors of a previous study, published in JAMA Network Open, “found that hospitals adjacent to health care delivery organizations affected by ransomware attacks may see increases in patient census and may experience resource constraints affecting time-sensitive care for conditions such as acute stroke. These findings suggest that targeted hospital cyberattacks may be associated with disruptions of health care delivery at nontargeted hospitals within a community and should be considered a regional disaster.”3

The Change cyberattack amalgamated into the most consequential attack of its kind in the history of US health care.4 Similar ransomware attacks, however, have been occurring for the past decade, forcing health systems to become proactive about protecting their technology and their patients’ information.

Another previous study analyzed the 374 ransomware attacks from 2016 to 2021 and found a 100% increase in attacks during that time, affecting the health information of nearly 42 million patients.5

“Ransomware attacks on health care delivery organizations increased in frequency and sophistication… As policy makers craft legislation aimed at countering the threat of ransomware attacks across multiple industries, we urge them to focus on the specific needs of health care delivery organizations, for which operational disruptions may carry substantial implications for the quality and safety of patient care,” wrote the authors.5

With researchers identifying an increase in ransomware attacks across several studies, the issue of cybersecurity has become one of the biggest in health care today. Congress has since been called to address this issue as HSAs continue to prepare for the almost inevitable instance of future attacks.

“This study found a temporary decrease in ED visits and inpatient admissions in hospitals targeted by ransomware attacks and a temporary increase in ED visits in unattacked nearby hospitals in California, suggesting that the consequences of such attacks are broader than the targeted hospitals,” concluded Abouk et al.1

Want to take a deeper dive into the latest hospital cyberattacks? Visit our sister site, Chief Healthcare Executive.

Ready to impress your pharmacy colleagues with the latest drug information, industry trends, and patient care tips? Sign up today for our free Drug Topics newsletter.

1. Abouk R, Powell D. Ransomware attacks, ed visits and inpatient admissions in targeted and nearby hospitals. JAMA. Published online May 29, 2024. doi:10.1001/jama.2024.7752
2. Gilbert D, Diamond D. UnitedHealth CEO faces grilling from Congress over Change Healthcare hack. Washington Post. May 1, 2024. Accessed May 1, 2024.
3. Dameff C, Tully J, Chan TC, et al. Ransomware attack associated with disruptions at adjacent emergency departments in the US. JAMA Netw Open. 2023;6(5):e2312270. doi:10.1001/jamanetworkopen.2023.12270
4. Congress urged to help hospitals impacted by Change Healthcare cyberattack. American Hospital Association. March 19, 2024. Accessed May 31, 2024.
5. Neprash HT, McGlave CC, Cross DA, et al. Trends in ransomware attacks on US hospitals, clinics, and other health care delivery organizations, 2016-2021. JAMA Health Forum. 2022;3(12):e224873. doi:10.1001/jamahealthforum.2022.4873
Related Content
© 2024 MJH Life Sciences

All rights reserved.