Phishing attacks continue to pose significant threats to the healthcare sector as the vector is often associated with compromised credentials that can lead to attacks such as ransomware and business email compromise. Between January and October, US healthcare service providers have filed 302 data breach notifications, of which 42% are classified as hacking that often involved phishing. In Australia, phishing for credentials accounted for 58% of all cyber incidents reported by private healthcare providers between July and September. The Australian private healthcare sector was also the most targeted during this period, with 45 notifications out of 245 reported breaches.

References:
[1] Health Data Breach Tally: Analysing the Latest Trends
[2] Notifiable Data Breaches Quarterly Statistics Report 1 July – 30 September 2018 (PDF)