The healthcare sector in India faced the highest number of cybersecurity attacks, with education and manufacturing sectors collectively contributing to almost half of all detections between October 2024 and September 2025, as per a report by Seqrite, the enterprise security division of Quick Heal Technologies Ltd. Healthcare and pharmaceuticals alone accounted for 3.79 million detections, representing 14.24% of all cyberattacks in the country. Indian hospitals and clinics experienced a surge in cyberattacks, making healthcare networks prime targets for data theft, extortion, and disruption.
The report highlighted that data-rich and always-on environments have become prime targets for cyberattacks. Trojans and file infectors constituted nearly 70% of all attacks, with remote access Trojans and loader-based malware targeting pharma R&D data and clinical trial information, indicating espionage and IP-theft motives. Despite ransomware detections being less than 1% of the total, they had a significant operational impact, exceeding 0.81 million detections, with a peak in January 2025 recording 185 incidents and 113,000 detections. These attacks often exploited phishing, cracked software, exposed remote desktop services, or supply chain vectors to infiltrate hospital information systems and disrupt care delivery.
The report emphasized the irreplaceable nature of patient records in contrast to payment data, making healthcare data highly valuable in underground markets and extortion schemes. Stolen records, including medical histories, diagnostic reports, prescription details, insurance information, and personally identifiable data, are exploited for blackmail, fraud, and long-term profiling. It cautioned that a compromised radiology system could lead to diagnostic delays, manipulated lab results might affect treatment, and exfiltrated clinical trial data could jeopardize years of research investment.
