Cyber Threats Care Homes can’t Ignore

Protecting the future from cyber threats

Care homes support some of the most vulnerable people in the country. But not everyone shares that sense of care, and cybercriminals are a prime example.

The healthcare sector has become a prime target for cyber attackers because they’re goldmines for sensitive data, which fetch huge amounts of money on the black market. In 2023, more than half of UK healthcare companies were the targets of a cyberattack.

The three cyber threats care homes can’t ignore

Compared to larger corporations, care homes don’t have the same financial resources to fend off complex cyberattacks. Cybercriminals know this and they use it to their advantage.

According to the National Cyber Security Centre, the top three cyber threats are:

Phishing

The most common cyberattack, phishing might look like an email that seems to come from a legitimate source. The employee then unwittingly shares that sensitive information with a criminal, providing hackers with convenient access into the company’s IT systems.

Malware

Malware = malicious software. It’s designed by cyberattacks to disrupt and disable your IT systems for their benefit. Similarly to phishing, malware is often downloaded onto company systems by an unwitting employee who clicked on an email link.

 Ransomware

Ransomware is a type of malware that locks you out of your own systems, with your access only being restored after you’ve paid a (usually hefty) ransom.

The real cost of a cyberattack

A cyberattack is more than just an event. Lots of companies feel the effects of a cyberattack long into the future, financially and reputationally.

Last year, a group of care homes in Leicester were targeted by a cyber incident that means staff weren’t paid on time. With hundreds of thousands of pounds at stake, the company’s director said there was ‘no real end in sight.’[1] 

In 2024, software provider Advanced – which supports the NHS – was fined over £6 million by the Information Commissioner’s Office after hackers were able to access the personal data of thousands of customers.[2] 

Whether your organisation is large or small, it’s really important to take data protection seriously. It’s not just about systems or finances but about the trust that your customers put in you. Once that trust is gone, it can be very hard to earn back.

Let’s talk

If you’d like to get ahead, we’d love to chat. Care England members can speak to James Anscombe on 07967 850015 or email james.anscombe@everywhen.co.uk.

We stood by you as Towergate, now we’re standing by you as Everywhen

Our new name reflects exactly what we stand for: being here for you, “always” and “at all times” (which is the literal definition of Everywhen). While our name has changed, we still offer an expert team, great service and we now have the added benefit of being part of a business united by a shared purpose. Find out more at www.everywhen.co.uk

[1] Leicester care home warning as cyber incident hits services - BBC News

[2] Watchdog set to fine NHS IT firm after medical records hack - BBC News

Consistent with our policy when giving comment and advice on a non-specific basis, we cannot assume legal responsibility for the accuracy of any particular statement. In the case of specific problems, we recommend that professional advice be sought.