We use essential cookies to make our site work. With your consent, we may also use non-essential cookies to improve user experience, personalize content, customize advertisements, and analyze website traffic. For these reasons, we may share your site usage data with our social media, advertising, and analytics partners. By clicking ”Accept,” you agree to our website's cookie use as described in our Cookie Policy. You can change your cookie settings at any time by clicking “Preferences.”

TechDogs-"Flare Report Finds 3 In 4 Compromised Healthcare Devices Expose Patient Records"

Cyber Security

Flare Report Finds 3 In 4 Compromised Healthcare Devices Expose Patient Records

GlobeNewswire
Overall Rating

Report reveals a sharp rise in healthcare credential theft and widespread exposure of sensitive medical data

Flare Report Finds 3 in 4 Compromised Healthcare Devices Expose Patient Records

Flare's The State of Healthcare Credential Exposure in 2026

MONTREAL, May 19, 2026 (GLOBE NEWSWIRE) -- Flare, the leader in Threat Exposure Management, today released a new report, The State of Healthcare Credential Exposure in 2026. The report found and analyzed more than 154,000 stealer logs containing medical, healthcare and/or hospital services access and found that nearly 74% of infected devices contained credentials for electronic health record (EHR) and electronic medical records (EMR) systems, exposing highly sensitive data, such as social security numbers, diagnoses, lab results, medications, and insurance information.

Healthcare organizations are facing a surge of credential-driven attacks, where a single compromised device can open the door to critical systems. Flare research shows a 33% year-over-year increase, underscoring cybercriminals' growing focus on clinical systems and patient data. At the center of this trend is infostealer malware, which harvests credentials and session data and packages them into “stealer logs” sold across cybercrime forums. When those logs include healthcare access, the stakes escalate quickly, exposing patient records, medication systems, billing platforms, and even internal security tools.

“Healthcare credential exposure is not only increasing, but the type of access found in these logs makes each compromise particularly significant,” said Estelle Ruellan, threat intelligence researcher at Flare. “A single infected device could hand an attacker the keys to understand, map, and exploit an entire hospital's infrastructure, which can have a catastrophic impact.”

According to the report, over the past two years, nearly 61,000 healthcare-related logs have surfaced on underground platforms, giving attackers direct access to systems that hold highly sensitive patient and operational data. These findings highlight the need for healthcare organizations to strengthen credential exposure monitoring and reduce time to detection.

Other key findings from the report include:

  • In 2025, roughly 2,900 devices with healthcare access were compromised and shared on criminal marketplaces every month (over 34,800 annually).
  • The United States is the most targeted country, accounting for 48% of healthcare-exposed logs.
  • 900 logs contained access to medication dispensing and tracking platforms like Omnicell, BD Pyxis, ScriptPro, and Bluesight — which manage the physical dispensing of medications in hospital units, including controlled substances such as opioids and sedatives.

By prioritizing stealer log monitoring, healthcare organizations can enhance resilience and accelerate risk detection and mitigation.

View the full report on Flare’s website.

About Flare

Flare is the leader in Threat Exposure Management, helping global organizations detect high-risk exposures found on the clear and dark web. Combining the industry’s best cybercrime database with a ridiculously intuitive user experience, Flare enables customers to reclaim the information advantage and make cyber crime irrelevant. For more information, visit https://flare.io. To experience the platform firsthand, start a free trial at https://try.flare.io/free-trial/. Join our Discord community and explore Flare Academy to stay up-to-date on the latest in threat intelligence.

Media Contact
Geena Pickering
Look Left Marketing
flare@lookleftmarketing.com

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/5fa4a730-391c-4e4a-8410-54457b30992c


Frequently Asked Questions

What is the main finding of Flare's "The State of Healthcare Credential Exposure in 2026" report?

The report found a 33% year-over-year increase in healthcare credential-driven attacks, with nearly 74% of compromised devices exposing sensitive patient records from EHR/EMR systems.

What sensitive information is at risk due to healthcare credential theft?

Compromised devices expose highly sensitive data including social security numbers, diagnoses, lab results, medications, and insurance information, as well as access to critical clinical systems.

How can healthcare organizations combat credential exposure and protect patient data?

Healthcare organizations need to strengthen credential exposure monitoring and reduce the time to detection, prioritizing stealer log monitoring to enhance resilience and accelerate risk mitigation.

First published on Thu, May 21, 2026

Liked what you read? That’s only the tip of the tech iceberg!

Explore our vast collection of tech articles including introductory guides, product reviews, trends and more, stay up to date with the latest news, relish thought-provoking interviews and the hottest AI blogs, and tickle your funny bone with hilarious tech memes!

Plus, get access to branded insights from industry-leading global brands through informative white papers, engaging case studies, in-depth reports, enlightening videos and exciting events and webinars.

Dive into TechDogs' treasure trove today and Know Your World of technology like never before!

Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. While we aim to provide valuable and helpful information, some content on TechDogs' site may not have been thoroughly reviewed for every detail or aspect. We encourage users to verify any information independently where necessary.

Tags:

healthcare credential theft patient data cybersecurity infostealer malware EHR EMR threat exposure management medical records data breach Flare report

Join The Discussion

Trending GlobeNewswire

Join Our Newsletter

Get weekly news, engaging articles, and career tips-all free!

By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.

Home

Hot Topic: AI

News

Articles

Branded Insights

  • Dark
  • Light