The healthcare sector is undergoing a digital transformation that improves the quality of care, increases efficiency, and enhances connectivity. With digitalization comes an increase in cyber threats. Hospitals are among the primary targets of cybercriminals. Adequate protective measures require knowledge and analysis of frequently occurring incidents. This study aimed to identify types of cyber risks and to evaluate factors influencing incident occurrence using a mixed-methods approach. Data on cyber incidents and data breaches from 2021 to 2024 were consolidated from five publicly accessible international datasets into a single unified dataset with 3459 entries and analyzed with a focus on hospital incidents. Results showed that hacking, especially involving ransomware, poses a key security risk in hospitals. The results were then discussed in four focus groups with 14 IT experts from hospitals. They highlighted threats and potential conflicts arising from the integration of new technologies, including the escalation of external risks as hacking activities become more organized and professionalized. The need for openly accessible and understandable data on hospital cyber risks, as well as for collaborative exchange among institutions, was emphasized. The study identifies gaps in current knowledge regarding the integration of technology into hospital networks, suggesting directions for future research.
Rogge et al. (Thu,) studied this question.