How Cyberattacks on Mainline Health and Select Medical Exposed Over 200,000 Patients

The healthcare industry is facing a relentless wave of cyber threats, as demonstrated by two recent breaches impacting Mainline Health Systems and Select Medical Holdings. In April 2024, Mainline Health experienced a direct ransomware attack by the Inc Ransom group, compromising sensitive data for over 101,000 individuals. Select Medical’s breach, in contrast, occurred through a third-party vendor—Nationwide Recovery Services—exposing records of nearly 120,000 patients. These incidents illustrate the growing vulnerability of healthcare organizations, whether from direct attacks or through weaknesses in their extended vendor networks.

As healthcare organizations digitize records, adopt connected medical devices, and rely on cloud services and third-party vendors, the risk landscape grows more complex. Ransomware, hacking, and third-party vendor compromises are now the leading causes of healthcare data breaches—often with serious implications for patient care, financial stability, and organizational reputation.

In this episode, we examine:

• How the Inc Ransom group operates, and why healthcare is a prime target
• The increasing financial and operational impact of ransomware and third-party breaches
• Common attack vectors including hacking, phishing, and supply chain vulnerabilities
• Why third-party risk management is becoming a critical element of healthcare cybersecurity
• The direct impacts of breaches on patient safety, care delivery, and mortality rates
• Recommended mitigation strategies, from multi-factor authentication and privileged access management to continuous monitoring of vendor ecosystems
• The role of national cybersecurity frameworks, HHS initiatives, and information sharing platforms in building sector resilience

These recent breaches serve as a wake-up call: healthcare cybersecurity can no longer be reactive or siloed. A comprehensive approach—addressing both internal defenses and third-party risks—is essential to protect sensitive patient data and maintain uninterrupted care.