Seqrite Report Highlights Surge in Cyberattacks Targeting Healthcare & Pharma in India

The healthcare and pharmaceuticals sector alone recorded 3.79 million detections, representing a 14.24% share of total cyber incidents.

The healthcare and pharmaceutical sector in India has emerged as a prime target for cyberattacks, according to the India Cyber Threat Report 2026 released by Seqrite, the enterprise security arm of Quick Heal Technologies.

Prepared by Seqrite Labs using telemetry data from over 8 million endpoints, the report found that education, healthcare, and manufacturing together accounted for nearly 47% of all detections between October 2024 and September 2025.

The healthcare and pharmaceuticals sector alone recorded 3.79 million detections, representing a 14.24% share of total cyber incidents.

Trojans and file infectors formed nearly 70% of the attacks, while remote access Trojans and loader-based malware were linked to attempts to access pharmaceutical research, development data, and clinical trial information. Ransomware, though accounting for less than 1% of detections, had notable operational impact, with more than 0.81 million detections reported, peaking in January 2025 at 185 incidents and 113,000 detections. Attack vectors included phishing, cracked software, exposed remote desktop services, and supply chain vulnerabilities affecting hospital information systems.

The report stresses that patient data presents unique risks, as medical histories, diagnostic reports, prescription records, insurance details, and personal information cannot be reissued once breached. Such data can be misused for fraud, blackmail, and profiling, and compromised systems may disrupt diagnosis, treatment, and research activities.

Under the Digital Personal Data Protection Act (DPDP) 2023, healthcare institutions—including hospitals, clinics, diagnostic chains, insurers, and health tech platforms—must ensure lawful processing, consent, purpose limitation, and data safeguards for all digital records, including admission data, lab results, teleconsultation logs, and application data.

Seqrite stated that its enterprise security products and services are aligned with DPDP Act provisions, supporting healthcare organizations in managing cybersecurity and data protection obligations while addressing growing threats to patient and clinical data.

Stay tuned for more such updates on Digital Health News