A new report by Seqrite Labs has documented a significant increase in cyberattacks targeting hospitals, diagnostic labs, pharmaceutical companies, and healthtech platforms in India during 2025βearly 2026. Ransomware, phishing campaigns, supply-chain attacks, and data breaches have become more frequent and sophisticated, posing serious risks to patient data security, clinical operations, and public trust in digital health systems.
Glimpse:
The Seqrite report highlights a 68% year-on-year rise in cyberattacks on Indian healthcare and pharmaceutical organizations, with ransomware accounting for nearly 42% of incidents. Hospitals and diagnostic chains were the most targeted, followed by pharma manufacturers and healthtech startups. Common attack vectors included phishing emails impersonating regulatory bodies, exploitation of unpatched medical devices, and compromised third-party vendors. The report warns that rising digitization under ABDM, coupled with legacy systems and limited cybersecurity budgets, has made the sector increasingly vulnerable, urging immediate adoption of layered defences, regular audits, and employee training.
Seqrite Labs, a leading Indian cybersecurity research and solutions company, has released a detailed threat intelligence report exposing a sharp surge in cyberattacks directed at Indiaβs healthcare and pharmaceutical sector over the past 15 months. According to the findings, the number of documented incidents increased by 68% compared to the previous year, with healthcare organizations (hospitals, diagnostic labs, and telemedicine platforms) and pharmaceutical companies emerging as prime targets
Ransomware remained the dominant threat, responsible for nearly 42% of all attacks, often resulting in temporary shutdown of critical systems, delayed surgeries, diverted emergency cases, and manual fallback to paper records. Other prevalent attack types included sophisticated phishing campaigns impersonating ICMR, CDSCO, or state health departments, exploitation of vulnerabilities in internet-connected medical devices (such as imaging machines and infusion pumps), and supply-chain compromises through third-party software vendors and cloud service providers. Several high-profile incidents involved data exfiltration of sensitive patient records containing ABHA-linked information, lab reports, and treatment histories, which later appeared on dark web marketplaces.
The report attributes the surge to the rapid digitization of healthcare under the Ayushman Bharat Digital Mission (ABDM), widespread adoption of EHRs, telemedicine platforms, and connected diagnostic devices, combined with persistent challenges such as legacy IT infrastructure, limited cybersecurity budgets in smaller hospitals, and inadequate training of clinical and administrative staff. Public-sector and smaller private facilities were found to be particularly vulnerable due to resource constraints and slower adoption of advanced security controls.
Seqrite researchers also noted an increase in targeted attacks aimed at stealing intellectual property from pharmaceutical companies involved in vaccine development, biosimilars, and novel drug research. The report recommends immediate actions including implementation of zero-trust architecture, regular vulnerability assessments and patching of medical devices, deployment of endpoint detection and response (EDR) solutions, employee awareness training with simulated phishing exercises, and development of robust incident response and business continuity plans. It further urges healthcare organizations to treat cybersecurity as a clinical safety issue rather than a purely IT concern.
The release of the Seqrite report has prompted calls from industry bodies and cybersecurity experts for stronger national guidelines, mandatory cybersecurity audits for hospitals handling critical patient data, and increased government support for securing Indiaβs digital health infrastructure as ABDM adoption accelerates nationwide.
βHealthcare organizations in India are sitting on a goldmine of sensitive patient data, making them prime targets for cybercriminals. Cybersecurity must now be treated with the same urgency as patient safety itself.β
By
HB Team
