According to Seekright’s India Cyber Threat Report 2026 released by the enterprise arm of Quick Heal Technologies Ltd, the healthcare sector in India has emerged as one of the most targeted industries for cyber attacks between October 2024 and September 2025. Based on telemetry from more than 8 million endpoints, the report detected a staggering 265.52 million cyber attacks across the country—an average of 505 attacks per minute.
Education, healthcare (including pharmaceuticals) and manufacturing sectors accounted for about 47% of the total cyber attacks. Specifically, the healthcare and pharmaceuticals sector recorded 37 lakh cyber attacks, which is approximately 14.24% of the total attacks (some sources report similar figures for manufacturing/engineering as 37 lakh and 14.22%). The healthcare sector ranks among the top three most impacted sectors due to its data-rich and dynamic nature, making it a prime target for data theft, extortion and operational disruption.
Hospitals and clinics faced frequent attacks, making networks high-value targets. Trojans and file infectors dominated, being responsible for about 70% of the attacks (about 88.4 million Trojans and about 71.1 million file infectors detected). Remote access Trojans and loader-based malware were prominently used to target pharma R&D and clinical trial data, indicating intentions of espionage and intellectual property theft.
Ransomware, although less than 1% with approximately 0.81 million cases, had a widespread impact – it peaked with 185 incidents and 113,000 cases in January 2025. Many incidents involved phishing, cracked software, exposed remote desktop services or exploited supply chain vulnerabilities – the same factors that are disrupting hospital systems and patient care.
The report emphasized the invaluable importance of healthcare data: unlike financial information, patient records (medical history, diagnoses, prescriptions, insurance and personal identifying information) are permanent and can be easily sold on dark web forums for fraud, blackmail or profiling. A security breach could lead to delayed diagnosis, manipulation of results, or loss of research investment.
Secrete stressed the need for stronger security measures in these critical areas amid growing AI-assisted threats and hybrid cyber crime.
Comments are closed.