Career > Health Technology

Gen Z is stealing your health data—and the consequences may be worse than you think

By Todd Neale | Fact-checked by Barbara Bekiesz
Published January 3, 2025

Key Takeaways

Industry Buzz

  • "There is no such thing as enough preparation/security, and institutions should begin to view these incidents as a matter of when, and not if." — Jeffrey Tully, MD

  • "[This] could have very negative consequences to human life. [...] People may sit at home and say, well, I’ll just deal with this later and get care at some other time. And we all know delaying needed medical care could be a contributing factor for further complications later.” — Errol Weiss, Chief Security Officer for Health-ISAC

Find more of your peers' perspectives and insights below.

A new wave of cybercriminals, dubbed “advanced persistent teenagers,”[] is putting healthcare organizations in their crosshairs. Armed with social engineering tactics and a hunger for data—and ransom—they’re breaching systems, disrupting care, and leaving lasting damage.

With ransomware attacks on the rise and even the federal government sounding the alarm, it’s clear: Safeguarding your network isn’t just about protecting data—it’s about protecting patients.

The tech-savviest generation?

This new generation of hackers, with names like Lapsus$ and Scattered Spider, breach healthcare systems by using fake emails and phone calls to trick employees into giving them network access. The attacks “are highly effective, have caused huge data breaches affecting millions of people, and resulted in huge ransoms paid to make the hackers go away.”[]

The federal government has taken notice and issued warnings about these types of activities. In October 2024, for instance, the Department of Health and Human Services’ (HHS) Office of Information Security and the Health Sector Cybersecurity Coordination Center issued a profile report on Scattered Spider. Made up of individuals mostly between the ages of 19 and 22 living in the US and UK, Scattered Spider has targeted various industries, including healthcare.[]

Jeffrey Tully, MD, co-director of the UC San Diego Center for Healthcare Cybersecurity in California, tells MDLinx that cyberthreats today include an increasing number of ransomware attacks targeting healthcare delivery organizations.

With some, the damage can last for months and be far-reaching, says Dr. Tully. The 2024 ransomware attack on Change Healthcare, for instance, affected personal and health information from at least 100 million people, according to TechCrunch.[]

@drglaucomflecken

♬ original sound - Dr. Glaucomflecken

Errol Weiss, chief security officer for the Health Information Sharing and Analysis Center (Health-ISAC), tells MDLinx that while there’s certainly some truth to fears about the growing base of younger hackers motivated by the thrill of the attack, “I do ultimately feel that, largely, there’s a monetary goal that they’re really after.”

He, too, pointed to ransomware attacks—perpetrated by both cybercriminal gangs and certain nations, including North Korea—as one of the biggest threats currently facing US healthcare.

Cyberattacks don’t just hurt the industry

There is evidence that these cyberattacks cause disruptions that can be felt at the patient level. Dr. Tully cites a study he and his colleagues recently published in JAMA Network Open indicating that a month-long ransomware attack on a healthcare delivery organization was associated with ripple effects at nearby emergency departments.[] They found significant  increases in wait times and in the numbers of patients who left without being seen or left against medical advice.

His own group’s research, as well as media reports, indicate “significant collateral damage as a result of network downtime.”

Weiss agrees that “there could be very negative consequences to human life” with cyberattacks, especially if patients end up forgoing needed care due to the issue. “People may sit at home and say, well, I’ll just deal with this later and get care at some other time,” he says. “And we all know delaying needed medical care could be a contributing factor for further complications later.”

Protecting yourself, your patients, and your clinic

Although awareness of and preparation for cyberattacks has improved in healthcare in recent years, Dr. Tully says “there is no such thing as enough preparation/security, and institutions should begin to view these incidents as a matter of when, and not if.”

Unfortunately, healthcare delivery organizations tend to be severely underfunded when it comes to cybersecurity, leaving them vulnerable to attack, notes Weiss.

He noted that earlier this year, HHS released a set of cybersecurity performance goals for healthcare organizations, with the overarching aim of protecting patients’ health information and safety.[]

According to Weiss, the top-three measures that organizations can take are:

  • Staying current on patches to keep their networks up to date

  • Backing up IT systems and data, and ensuring those backups are working

  • Using multifactor authentication for any remote access, such as doctors accessing patient records while off-site

Taking steps to protect against cyberattacks is increasingly important as hacker groups become more technologically savvy and start using more advanced techniques, like AI. Though AI has some positive applications in healthcare—aiding in diagnosis and patient care programs, for instance—there can be a dark side when it is adopted by bad actors.

“With those promises come the perils, and the perils include what the malicious actors, the cybercriminals, can use AI for as well, improving their own attacks, improving the scams, improving the quality of phishing emails, making very targeted emails for a specific audience,” Weiss says, “that’s something I’m really worried about.”

Share with emailShare to FacebookShare to LinkedInShare to Twitter
ADVERTISEMENT