A new report from the Health Information Sharing and Analysis Center reveals that ransomware attacks targeting healthcare systems have doubled compared to the same period last year. Over 140 hospitals and health networks have reported significant incidents in the first quarter of 2026 alone.
The attacks have resulted in diverted ambulances, delayed surgeries, and compromised patient records at facilities across 30 states. Average ransom demands have increased to $4.5 million, with recovery costs often exceeding $10 million per incident.
Federal officials are urging healthcare organizations to adopt minimum cybersecurity standards and are considering mandatory reporting requirements. The HHS has proposed $1.3 billion in funding to help smaller hospitals upgrade their security infrastructure.
