African healthcare systems are increasingly facing cyberattacks, with hospitals, laboratories and digital health platforms becoming prime targets for cybercriminals, Microsoft’s chief security advisor for Africa, Kerissa Varma, has warned.
Writing in an opinion piece shared with The , Varma highlighted the growing vulnerability of healthcare facilities on the continent, saying the sector is under a “silent emergency” as cybercriminals exploit the rush to digitise patient records and services.
“While doctors fight to save lives, cybercriminals are infiltrating hospitals, laboratories, and clinics, turning life-saving environments into digital battlegrounds,” Varma said.
According to Varma, recent attacks across Africa illustrate the fragility of medical infrastructure.
In May 2025, Mediclinic Southern Africa suffered a cyber extortion attack that compromised sensitive human resources data. Later that year, Lancet Laboratories faced regulatory penalties in South Africa for failing to notify patients of data breaches under the Protection of Personal Information Act. Meanwhile, a ransomware strike on the National Health Laboratory Service disrupted blood test processing nationwide, delaying critical care for millions.
Other notable incidents include M-Tiba, a Kenyan digital health platform managed by CarePay and backed by Safaricom, which suffered a significant data breach in late 2025; and Pharmacie.ma, a Moroccan pharmaceutical platform, which was reportedly targeted in an unauthorised customer data export.
Research indicates that Nigeria’s private healthcare sector is increasingly targeted, with cyberattacks rising at an alarming pace.
“Africa’s healthcare organisations faced an average of 3,575 weekly attacks in 2025, a 38 per cent increase from the previous year,” Varma said. Common consequences include temporary loss of access to hospital systems, encryption of patient data and the risk of sensitive information appearing on the dark web.
Varma explained that legacy systems, fragmented infrastructure and underfunded IT teams make many African hospitals easy targets. The adoption of open-source AI tools for diagnostics and patient management, while cost-effective, often lacks enterprise-grade security. Combined with unencrypted patient records scattered across multiple systems, these weaknesses multiply the risk of breaches.
“Medical records are a premium target. Unlike credit card data, patient information never expires, and stolen records can be used for years to commit identity theft, make fake insurance claims, and commit prescription fraud,” Varma said. “A single medical record can fetch up to $310 on the dark web, compared with $30–$50 for a credit card.”
The Microsoft executive warned that hospitals cannot afford downtime. Every minute offline risks patient lives, making institutions more likely to pay ransoms. Yet, in two out of five cases where ransoms were paid, data and operations still could not be recovered.
Varma urged healthcare providers to integrate cybersecurity into overall resilience planning.
“Investing in technology that identifies and contains attacks, maintaining strong backups, and practising incident response plans aligned with local laws like POPIA in South Africa and data protection acts in Kenya and Nigeria can be the difference between a minor incident and total failure,” she said.
She also highlighted the growing role of AI in both attacks and defences. “Adversaries are using AI to scale and tailor attacks, making AI-driven phishing 4.5 times more effective than traditional methods. At the same time, AI can automate detection, containment and response, making it a critical tool for protecting patient data,” Varma said.
Varma stressed that remote access to patient records requires strong identity and authentication measures: “Healthcare organisations must deploy phishing-resistant multifactor authentication and conditional access to protect user accounts.”
She also emphasised the importance of staff training, saying, “People are at the heart of cybersecurity. Training medical and administrative staff on phishing, applying role-based access controls, and fostering a culture of awareness is essential. Cybersecurity is no longer just an IT issue; it is a patient safety issue.”
Varma concluded that as African healthcare systems continue to digitise, protecting the digital infrastructure must be treated with the same urgency as safeguarding patients’ physical well-being.
“By investing in comprehensive cybersecurity strategies and leveraging AI-powered defences, Africa’s healthcare sector can strengthen its digital front lines and ensure safer, more resilient healthcare for all,” she said.