HBO Max’s enormously widespread tv collection The Pitt is receiving plaudits for its practical depiction of the trials and tribulations of well being care in an city emergency room.
Now in its second season, which premiered on Jan. 8, 2026, the present follows Dr. Michael “Robby” Robinavitch (performed by Noah Wyle) and his colleagues by a single 15-hour medical shift, divided into one-hour episodes. The staff treats sufferers towards a backdrop of all-too-common American societal plagues, from substance use dysfunction to medical bankruptcies and mass shootings.
Spoiler alert: About midway by the season, Dr. Robby and the workers on the fictional Pittsburgh Trauma Medical Middle grapple with chaos ensuing from a much less generally depicted catastrophe – a hospital cyberattack. The hospital’s community and computer systems have been incapacitated, leading to scenes of millennial residents combating fax machines, laboratory orders disappearing in a shuffle of papers, and fixed communication breakdowns culminating in a missed life-threatening analysis.
All this would possibly immediate viewers to surprise: Does this really occur in actual life?
As physicians who examine cyberattacks and their affect on affected person care, we’ve got seen most of the similar occasions depicted in The Pitt play out in the true world.
These assaults have extreme medical penalties. In an unlucky case of artwork imitating life, the present’s cyberattack story arc started on the identical day that the College of Mississippi Medical Middle suffered the identical destiny, ensuing within the sudden closure of greater than 30 affiliated clinics throughout the state whereas additionally disrupting Mississippi’s solely Stage I trauma heart.
Trendy well being care is critically depending on digital applied sciences, similar to digital well being information, laboratory machines and radiology platforms, that shut down when hospital networks are taken offline. Shedding entry to those instruments for extended intervals of time places sufferers’ lives at grave danger.
What’s at stake
Essentially the most dire real-life cyberattacks on hospitals contain ransomware, a category of malicious software program that encrypts knowledge and locks down computer systems and networks, demanding important quantities of money for the promise of aid. Sadly, these occasions usually are not uncommon. Comparitech, a cybersecurity analysis agency, recorded 445 ransomware assaults on hospitals and clinics in 2025 – a brand new peak following a number of years of annual will increase.
Such assaults are particularly harmful for sufferers with time-sensitive emergencies like strokes, coronary heart assaults or sepsis, however they have an effect on hospital outcomes broadly. For instance, a 2026 evaluation of Medicare knowledge discovered that hospitalized sufferers had a 38% greater danger of demise throughout a ransomware assault.
Furthermore, the well being impacts of ransomware usually are not confined to the hospitals below assault. The Pitt demonstrates this phenomenon effectively in earlier episodes. When Westbridge, one other hospital in the neighborhood, is struck first, a wave of sufferers arriving by ambulance strains Pittsburgh Trauma Medical Middle’s already packed emergency room, resulting in delays in care and overwhelming already-strained clinicians. Our staff discovered {that a} hospital cyberattack minimize the percentages of surviving a cardiac arrest with out devastating mind injury by practically 90% at close by hospitals, not simply the one which was attacked.
And even when a hospital’s pc techniques are restored and regular care resumes, a cyberattack leaves monumental monetary injury in its wake. Class motion lawsuits, fragmented billing and steep regulatory fines resulting from affected person privateness breaches and different points usually lead to tens to tons of of thousands and thousands of {dollars} of losses.
Within the worst circumstances, hospitals or clinics in rural areas have been compelled to shutter their doorways, leaving their communities with one much less place to obtain care and exacerbating current well being care deserts.
Defending cyber infrastructure
We’ve got little question that Dr. Robby will rally his staff to finally save the day from malicious cyberattacks on The Pitt. However what’s the prognosis for the remainder of us, in the true world?
The federal authorities has acknowledged the actual danger posed to rural and demanding entry hospitals and has recognized elevated funding in cybersecurity applied sciences as one of many objectives of the Rural Well being Transformation Program, a US$50 billion package deal distributed throughout all 50 states.
A number of states, together with New York and Connecticut, have taken additional motion, enshrining new payments in 2025 and 2026 mandating hospitals develop particular cybersecurity plans to guard sufferers. And the Meals and Drug Administration now evaluates the cybersecurity of latest medical gadgets previous to their arrival to market, and may situation remembers of these discovered to have important vulnerabilities.
Cybersecurity stays one of many few bipartisan points on Capitol Hill. A well being care cybersecurity invoice co-sponsored by Senators Invoice Cassidy, R-La., and Mark Warner, D-Va., launched in December 2025, would require hospitals to undertake safety practices, together with multifactor authentication and knowledge encryption, allocate extra grants for hospitals and clinics, and strengthen the pipeline for cybersecurity professionals working within the well being care sector, amongst different provisions.
Nevertheless, this downside isn’t going away. Synthetic intelligence and the enlargement of distant and digital care imply that malicious hackers have refined new instruments and elevated alternatives to focus on hospitals. Researchers like us should discover new methods to stop cyberattacks when potential and defend sufferers after they inevitably erupt.
Jeffrey Tully, Affiliate Medical Professor of Anesthesiology, College of California, San Diego and Christian Dameff, Affiliate Professor of Emergency Medical Companies, College of California, San Diego
This text is republished from The Dialog below a Inventive Commons license. Learn the unique article.
