Download Report
Cyber Risk

Tue, Feb 18, 2025

Data Breach Outlook: Healthcare Most Breached Industry in 2024

/en/our-team/denyl-greenDenyl Green

Denyl Green

Download the Report

When it comes to security, 2024 was unfortunately a standout year for the healthcare sector. Kroll found that the healthcare industry was the most breached, had fairly immature incident response practices, and unfortunately suffered numerous cyberattacks culminating in a year that left healthcare boards thinking deeply of the overall risk to their businesses.

The ransomware breach and data exfiltration on Change Healthcare in February of last year demonstrated the widespread disruption a breach can cause due to the interconnectedness of systems today. Though Kroll did not handle the Change Healthcare breach response, Kroll assisted with numerous large third-party breaches  and saw firsthand the impact to organizations recovering from these incidents.

Healthcare Overtakes Finance as Most Breached Industry

Healthcare Overtakes Finance as Most Breached Industry

In 2024, healthcare was the most breached industry, accounting for nearly a quarter (23%) of breaches handled by Kroll, compared to 18% in 2023.

While in the spotlight for 2023, the finance sector dropped to second place. However, the difference between most and second-most breached industry is very small. 

Targets Remain Consistent for Data Breaches

Percentage of Data Breaches From 2022 to 2024, by Industry
Percentage of Data Breaches From 2022 to 2024, by Industry

While it seems the finance and healthcare sectors will continue vying for first and second place in the most-breached chart, the shifts—or lack thereof—among the rest of the industries perhaps tell a story about the tactics of threat actors.

There was a significant drop in the number of data breaches in the technology sector, down by 46% compared to 2023. This could be due to the extensive impact of the CLOP ransomware gang’s exploitations of the MOVEit Transfer vulnerability we saw in 2023 diminishing.

The healthcare industry is a target-rich environment and companies need to be looking at their medium-and long-term programs to ensure they can remain safe and secure. Understanding who your adversaries are, and what their capabilities are, is key. From there, you can build a comprehensive risk strategy to understand the edges of your exposure, take down what you can and understand what you can’t. 

New Credit Card Fraud Remains Most Prevalent

Percentage of Kroll Identify Theft Cases by Type of Fraud
Percentage of Kroll Identity Theft Cases by Type of Fraud

When looking at the identity theft trends and how victims are being targeted, one method in particular continues to be the most common: new credit card fraud. This type of identity theft has been prevalent for years, partially due to the ease of creating these types of fraudulent accounts. Consumer protections such as credit freezes are available but still under-utilized.

New cellphone fraud and auto loan account fraud were also trending in 2024. Interestingly, there was a significant decrease in utilities fraud. 

Much More Included in the Report

Download the Report

We will use this information to respond to your inquiry and process your data in accordance with our privacy policy.
  • Analysis on fluctuations in data breaches to the technology, insurance and manufacturing industries.
  • Data and insights on how concerned these industries’ consumers are about the data breaches in question.
  • How likely are certain industries to put identity monitoring in place?
  • Which industries are more proactive in their post-breach efforts?

To understand more about how the data breach notification process works and what you can do ahead of time to ensure it runs as smoothly as possible with minimal financial and reputational damage, reach out to our data breach experts.

Stay Ahead with Kroll

Identity Monitoring

Kroll’s unique combination of identity monitoring services can detect more types of identity theft than credit monitoring alone, providing practical help to combat identity theft and fraud.

Identity Monitoring

Data Breach Call Center Services

A notification letter can generate lots of questions for those affected by a data breach. Kroll’s call center services are provided by skilled representatives who know how to handle difficult questions and stand at the ready to serve your breached population.

Data Breach Call Center Services

Notification, Call Centers and Monitoring

Kroll’s data breach notification, call centers and monitoring team brings global breach response expertise to efficiently manage regulatory and reputational needs.

Notification, Call Centers and Monitoring

Cyber and Data Resilience

Incident response, digital forensics, breach notification, security strategy, managed security services, discovery solutions, security transformation.

Cyber and Data Resilience

Kroll is headquartered in New York with offices around the world.

One World Trade Center
285 Fulton Street, 31st Floor
New York NY 10007
+1 212 593 1000
Sign up to receive periodic news, reports, and invitations from Kroll. Our privacy policy describes how your data will be processed.

More About Kroll

More About Kroll
© 2025 Kroll, LLC. All rights reserved. Kroll is not affiliated with Kroll Bond Rating Agency, Kroll OnTrack Inc. or their affiliated businesses. Read more.