Ransomware attacks involve hackers locking people out of their own data and demanding a payoff to regain access. But when patient data is held for ransom for hours or months, lives are on the line.
A new report by Comparitech identified 172 ransomware attacks on U.S. health care groups since 2016.
Those attacks cost an estimated $157 million in downtime and delayed treatment for more than 6 million patients.
Comparitech editor Paul Bischoff says companies should minimize human error through training.
"The second thing is creating backups regularly and, soon as the backup's completed, they're on a separate storage network that's not connected to the rest of the hospital's network, so it can't get infected," he said.
In Arizona, three attacks affected nearly 12,000 people and totaled $2.7 million to $4.2 million in downtime.
The victims included a cosmetic surgery provider, a retirement community and a clinic.
The study based its tallies on the states in which a medical company was headquartered.
California accounted for 14.5% of the attacks, but the state is also home to 12% of the U.S. population and a high concentration of health care providers.
By contrast, Michigan providers suffered only five ransomware attacks but saw 1.1 million people affected by just two incidents: one at a medical supply company, the other at a medical billing company.
Both have clients located in more than one state.
By submitting your comments, you hereby give AZPM the right to post your comments and potentially use them in any other form of media operated by this institution.