One in Four Healthcare Groups Hit by Medical Device Attacks
▼ Summary
– 24% of healthcare organizations experienced cyber-attacks impacting medical devices in the past year, with 80% of those attacks causing moderate or significant disruption to patient care.
– 82% of organizations have deployed or are piloting runtime exploit protection, and 84% include cybersecurity in vendor RFPs.
– 44% of organizations use devices with known, unpatched vulnerabilities, and 28% operate devices past end-of-support.
– Medical device manufacturers Medtronic and Stryker were recently attacked, with data breaches and device wipes attributed to extortion and state-linked groups.
– 57% of organizations have adopted AI-enabled medical systems, yet 80% express moderate to high concern about associated cybersecurity risks.
According to a new report from RunSafe Security, nearly one in four healthcare organizations (24%) experienced cyberattacks targeting medical devices in the past year, leading to potentially serious disruptions in patient care. The findings come from a survey of 551 healthcare professionals across the US, UK, and Germany, compiled for the 2026 Medical Device Cybersecurity Index.
In 80% of incidents where devices were compromised, patient impact was rated as “moderate” or “significant.” These effects ranged from delayed imaging and postponed procedures to interruptions in critical care delivery, the security vendor noted.
While cybersecurity is becoming a higher priority in procurement and operations, legacy equipment remains a persistent vulnerability. The survey found that 44% of organizations still use devices with known, unpatched flaws, and 28% operate equipment that has passed its end-of-support date. On a brighter note, 82% of respondents have deployed or are piloting runtime exploit protection, 84% now include cybersecurity in vendor RFPs, and 76% would pay extra for advanced protection.
The threat landscape extends beyond healthcare providers to device manufacturers themselves. This week, US giant Medtronic disclosed a data security incident after the notorious extortion group ShinyHunters listed the company on its leak site in mid-April. The attackers claim to have stolen over nine million records containing personal information, along with large volumes of internal corporate data.
In a separate incident, Fortune 500 medical technology firm Stryker was hit in March when the Iranian-sponsored Handala group wiped tens of thousands of corporate devices after gaining access to an Intune admin account.
“The findings land against a backdrop of large-scale healthcare cyber incidents that have disrupted care delivery and revenue flows, underscoring how quickly attacks on device-adjacent systems can translate into patient harm,” said Joseph Saunders, CEO of RunSafe Security. “Medical device cybersecurity is increasing in importance to healthcare buyers as they see it as a patient safety and regulatory imperative.”
The tension between security and productivity in healthcare organizations is expected to persist as AI adoption grows. More than half (57%) of surveyed organizations have implemented AI-enabled or AI-assisted medical systems, yet 80% expressed moderate to high concern about the associated cybersecurity risks.
On a positive note, 56% of respondents said they have rejected devices at the procurement stage due to cybersecurity concerns, a notable increase from 46% last year.
(Source: Infosecurity Magazine)
