Healthcare sector experienced the highest number of breaches in 2024, according to the report.
getty
While headlines may focus on attacks targeting PayPal users and reports of millions of stolen credit cards circulating for free on the dark web, it’s essential to recognize that healthcare hacking represents a more lucrative opportunity for cybercriminals.
Healthcare Data Breaches Surpass Finance in 2024
The latest breach outlook report for 2025, released on February 24 by the Kroll Cyber Risk team, analyzed which industry sectors faced the most significant attacks throughout 2024. The findings might surprise many, as healthcare has overtaken finance as the primary target for data breaches, accounting for nearly a quarter of all incidents reported by Kroll analysts.
Key highlights from the report include:
Healthcare was the most breached industry in 2024, comprising 23% of all incidents, closely followed by finance at 22%, which fell from 26% the previous year.
The technology sector experienced a 46% reduction in data breaches, while education (38%) and retail (33%) also saw significant declines. However, according to Kroll, technology was the most “proactive post-breach” sector, with 33% of inquiries occurring after breach notifications, compared to 30% in healthcare and a surprisingly low 18% for finance.
Regarding the uptake of identity protection offers for consumers affected by data breaches, healthcare led with 45%, with many recipients also opting for credit monitoring as part of the post-breach protection options.
2024 Cyberattacks Prompt Healthcare Boards to Reflect on Business Risks
“The year 2024 was, regrettably, notable for the healthcare industry,” stated Denyl Green, global head of identity theft and breach notification at Kroll, “as it faced numerous cyberattacks that compelled healthcare boards to reconsider the overall risk to their organizations.” The increase in attacks is straightforward: financial motivation. “Healthcare data can fetch prices up to $1000 on the dark web, in contrast to the $5 value of a credit card number,” Green noted; “Furthermore, the potential impact on patient safety means healthcare institutions are often more inclined to meet ransom demands during ransomware incidents to quickly restore their systems and maintain uninterrupted patient care.”
