Islamabad: Cybersecurity firm Kaspersky has warned that the rapid expansion of digital healthcare and telemedicine is exposing patients and medical systems to growing data breach and fraud risks. The company said recent incidents show sensitive medical records can be leaked, traded on the dark web, and used for identity theft or targeted cyberattacks.
The warning comes as telemedicine becomes a core part of healthcare delivery worldwide, while its security systems have not kept pace with adoption. Kaspersky noted that both patients and healthcare providers are increasingly vulnerable to data misuse, service disruption, and phishing campaigns disguised as legitimate medical services.
Recent breaches highlight scale of risk
Kaspersky cited multiple high-profile incidents to illustrate the threat. In 2023, telehealth provider Cerebral disclosed that it had shared sensitive patient data — including mental health assessments and personal identifiers — with third-party platforms such as social media and advertising networks, affecting millions of users over several years.
More recent cases in 2025 point to large-scale system vulnerabilities. A breach of the ManageMyHealth patient portal exposed medical records of more than 120,000 patients. Separately, an attack on SimonMed Imaging compromised over one million records and involved ransomware demands, disrupting healthcare operations.
These incidents demonstrate that both telemedicine platforms and broader digital healthcare systems are increasingly targeted by cybercriminals seeking high-value medical data.
Rise of healthcare-themed scams
Alongside data breaches, Kaspersky warned of evolving scam campaigns exploiting medical concerns. Fraudulent websites posing as telemedicine services often invite users for consultations or check-ups while requesting sensitive personal information, including identification details, insurance data, and even medical images.
Also Read: Kaspersky Reports 56% Growth in Mobile Banking cyber hits in 2025
Such platforms typically use fake branding, fabricated doctor profiles, and urgent messaging to pressure users into sharing information. The collected data may later be sold, used for identity theft, or leveraged in targeted extortion attempts.
Security gaps and user awareness
According to Kaspersky, medical data is particularly valuable in cybercrime markets, making patients a prime target for phishing and fraud. The firm emphasized that digital healthcare services require the same level of caution as financial platforms.
Users are advised to rely only on official websites and applications when booking consultations, avoid clicking on unsolicited links, and verify the authenticity of healthcare providers. The company also recommends using trusted security tools with anti-phishing capabilities to detect malicious activity.
Kaspersky said strengthening data protection practices and improving user awareness will be critical as healthcare systems continue to digitize.
Today's E-Paper