Ransomware attacks have become the top cause of U.S. health care data breaches, compromising 285 million patient records over 15 years, according to a new study led by researchers from Michigan State University, Yale, and Johns Hopkins.

John Jiang is a professor of information systems at Michigan State University and led the research. He says in 2024, ransomware was behind just 11% of healthcare breaches nationwide, but it did the most damage, compromising about 70% of all patient records.

This new research builds on earlier studies showing that internal mistakes, not hackers, caused more than half of healthcare data breaches, including lost devices and misdirected emails. Jiang warns that these breaches can also pose serious risks to patients’ health.

“This person is allergic to certain medicine, right? If the hackers messed up the system or modified whatever information, that could cause life-changing events,” Jiang said.

The researchers suggest federal regulators should require hospitals and insurers to report ransomware attacks, change how they measure breach severity to include care disruptions, and track cryptocurrency to stop ransom payments.