The 2025 Identity Theft Resource Center report confirms what many physician-owners are feeling: cyberattacks are no longer random — they’re precise, automated, and increasingly targeted at healthcare.
In 2025 alone:
- 3,322 U.S. data compromises were recorded (a 79% five-year increase)
- 534 healthcare-specific breaches were identified
- Professional services firms (billing, accounting, legal) saw a 162% rise in attacks
This is not “spray-and-pray” ransomware anymore. It’s strategic targeting of patient-record repositories — and private practices are high-value, lower-defense targets.