Security Experts:

Connect with us

Hi, what are you looking for?



Ransomware Hit 200 US Gov, Education and Healthcare Organizations in 2022

More than 200 government, education, and healthcare organizations in the United States fell victim to ransomware in 2022, data gathered by cybersecurity firm Emsisoft shows.

More than 200 government, education, and healthcare organizations in the United States fell victim to ransomware in 2022, data gathered by cybersecurity firm Emsisoft shows.

At a US-led summit in 2021, roughly 30 nations vowed to intensify the battle against ransomware, but ransomware groups remain a constant threat to both public and private sectors in the US and abroad.

Ransomware Resilience & Recovery SummitLast year, 105 local governments in the US were hit with ransomware, along with 44 universities and colleges, 45 school districts, and 25 healthcare providers. The attacks on these school districts impacted more than 1,900 individual schools, while the healthcare provider incidents hit 290 hospitals.

Based on publicly available reports, Emsisoft’s statistics show that the number of impacted organizations has remained constant over the past four years.

The cybersecurity company notes, however, that “not all incidents are made public, even in the public sector and, consequently, the true number of incidents in all sectors of the economy is and has always been higher than reported.”

Of the 105 known ransomware incidents involving state or municipal governments or agencies in 2022, at least 27 also resulted in a data breach.

A major ransomware incident involving a government organization was in Miller County, AK, where malware spread from a compromised mainframe to systems in 55 different counties. Data was stolen from all of them.

Compared to previous years, when major cities such as Baltimore and Atlanta were targeted with ransomware, only smaller governments fell victim to such cyberattacks in 2022.

Of the 89 education sector organizations that suffered a ransomware attack last year, 58 also suffered a data breach following the incident. The most significant attack targeted the Los Angeles Unified School District, impacting over 1,300 schools and 500,000 students.

The most significant of the 25 ransomware incidents involving hospitals and multi-hospital health systems was the attack on CommonSpirit Health, with impact on roughly 150 hospitals. Protected health information (PHI) was stolen in at least 17 of the incidents.

The number of paid ransom demands has decreased significantly last year, with only one government organization known to have paid a ransom in 2022. At least three education organizations are known to have paid up.

While the number of ransomware attacks directly targeting government, education, and healthcare organizations remained on par with previous years, the actual impact of ransomware on these sectors was much higher.

Cyberattacks targeting private sector companies providing services to these sectors – such as payroll, IT, and other service providers – also had an impact, in some cases leading to disruptions and data breaches.

Related: White House Invites Dozens of Nations for Ransomware Summit

Related: FBI Warns of Ransomware Attacks Targeting Local Governments

Related: SecurityWeek Cyber Insights 2022: Ransomware

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.