On World Health Day, Kaspersky has issued a warning about the growing risks associated with the digitization of healthcare and the rapid adoption of telemedicine. Recent incidents demonstrate that medical services are increasingly vulnerable to breaches, potentially exposing sensitive medical records that can be leaked, sold on the dark web, or exploited in targeted attacks.
While telemedicine has evolved from a convenience to a core part of healthcare delivery, its security measures have not kept pace with adoption. In 2023, Cerebral, a major telehealth provider focused on mental health, was found to have shared patient data including assessments, intake information, and personal identifiers with third-party platforms such as social media and advertising networks, affecting millions of users over several years.
In 2025, breaches of the ManageMyHealth patient portal exposed records of over 120,000 patients, while the attack on SimonMed Imaging compromised more than a million records and involved ransomware demands. These incidents highlight that both telemedicine platforms and broader digital healthcare ecosystems are prime targets for cyberattacks.
Another emerging threat involves scam campaigns that impersonate medical services. Fraudulent websites invite patients for check-ups or follow-ups, often requesting personal information, insurance numbers, medications, symptom descriptions, and even photos of affected body parts. These scams use branding, fake doctor profiles, and urgent calls to action to trick users into sharing sensitive data, which can then be sold or exploited for identity theft and extortion.
“The digital healthcare experience is transforming access to care, but it also expands the attack surface in ways many users underestimate,” said Anna Larkina, Web Content and Privacy Analysis Expert at Kaspersky. “Medical data is highly valuable and actively traded on the dark web, making patients prime targets. Security and privacy must become a core part of the digital healthcare experience.”
To stay safe, Kaspersky advises users to treat medical consultation offers with skepticism, rely only on official websites and apps, verify healthcare providers, avoid unsolicited links, and use a trusted security solution with AI-powered anti-phishing protections to detect scams.
