More than 200 government, education, and healthcare organizations in the United States fell victim to ransomware in 2022, data gathered by cybersecurity firm Emsisoft shows.
At a US-led summit in 2021, roughly 30 nations vowed to intensify the battle against ransomware, but ransomware groups remain a constant threat to both public and private sectors in the US and abroad.
Last year, 105 local governments in the US were hit with ransomware, along with 44 universities and colleges, 45 school districts, and 25 healthcare providers. The attacks on these school districts impacted more than 1,900 individual schools, while the healthcare provider incidents hit 290 hospitals.
Based on publicly available reports, Emsisoft’s statistics show that the number of impacted organizations has remained constant over the past four years.
The cybersecurity company notes, however, that “not all incidents are made public, even in the public sector and, consequently, the true number of incidents in all sectors of the economy is and has always been higher than reported.”
Of the 105 known ransomware incidents involving state or municipal governments or agencies in 2022, at least 27 also resulted in a data breach.
A major ransomware incident involving a government organization was in Miller County, AK, where malware spread from a compromised mainframe to systems in 55 different counties. Data was stolen from all of them.
Compared to previous years, when major cities such as Baltimore and Atlanta were targeted with ransomware, only smaller governments fell victim to such cyberattacks in 2022.
Of the 89 education sector organizations that suffered a ransomware attack last year, 58 also suffered a data breach following the incident. The most significant attack targeted the Los Angeles Unified School District, impacting over 1,300 schools and 500,000 students.
The most significant of the 25 ransomware incidents involving hospitals and multi-hospital health systems was the attack on CommonSpirit Health, with impact on roughly 150 hospitals. Protected health information (PHI) was stolen in at least 17 of the incidents.
The number of paid ransom demands has decreased significantly last year, with only one government organization known to have paid a ransom in 2022. At least three education organizations are known to have paid up.
While the number of ransomware attacks directly targeting government, education, and healthcare organizations remained on par with previous years, the actual impact of ransomware on these sectors was much higher.
Cyberattacks targeting private sector companies providing services to these sectors – such as payroll, IT, and other service providers – also had an impact, in some cases leading to disruptions and data breaches.
Related: White House Invites Dozens of Nations for Ransomware Summit
Related: FBI Warns of Ransomware Attacks Targeting Local Governments

More from Ionut Arghire
- Australian Man Sentenced for Scam Related to Optus Hack
- Chrome 110 Patches 15 Vulnerabilities
- Tor Network Under DDoS Pressure for 7 Months
- Russian Admits in US Court to Laundering Money for Ryuk Ransomware Gang
- Patient Information Compromised in Data Breach at San Diego Healthcare Provider
- Software Supply Chain Security Firm Lineaje Raises $7 Million
- Vulnerability Provided Access to Toyota Supplier Management Network
- Linux Variant of Cl0p Ransomware Emerges
Latest News
- Skybox Security Raises $50M, Hires New CEO
- Spies, Hackers, Informants: How China Snoops on the US
- Australian Man Sentenced for Scam Related to Optus Hack
- Chrome 110 Patches 15 Vulnerabilities
- Application Security Protection for the Masses
- Tor Network Under DDoS Pressure for 7 Months
- Siemens License Manager Vulnerabilities Allow ICS Hacking
- UN Experts: North Korean Hackers Stole Record Virtual Assets
