• Politics
  • Diversity, equity and inclusion
  • Financial Decision Making
  • Telehealth
  • Patient Experience
  • Leadership
  • Point of Care Tools
  • Product Solutions
  • Management
  • Technology
  • Healthcare Transformation
  • Data + Technology
  • Safer Hospitals
  • Business
  • Providers in Practice
  • Mergers and Acquisitions
  • AI & Data Analytics
  • Cybersecurity
  • Interoperability & EHRs
  • Medical Devices
  • Pop Health Tech
  • Precision Medicine
  • Virtual Care
  • Health equity

Cyberattack disrupts services at hospitals and clinics

News
Article

Prospect Medical Holdings said it had to take systems offline, and several hospitals cited interruptions to care, including elective surgeries and some outpatient services.

Hospitals and clinics continue to deal with the cyberattack that has affected Prospect Medical Holdings.

Organizations say that some services at Prospect’s facilities continue to be affected. The California-based system operates 17 acute-care and behavioral hospitals and a host of clinics in California, Connecticut, New Jersey, Pennsylvania and Rhode Island. Some healthcare services and procedures are being postponed at the system’s facilities.

The New York Times reported that Prospect Medical Holdings issued a statement saying that it “recently experienced a data security incident that has disrupted our operations.”

“Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists,” Prospect said in a statement to the Times.

Prospect told The Washington Post that the attack “has disrupted our operations” and the company is working with the FBI and cybersecurity specialists.

Crozer Health, which operates two hospitals in the Philadelphia area, described the system’s disruptions as a “ransomware attack,” The Philadelphia Inquirer reported.

“We have experienced a ransomware attack that is Prospect-wide, and are currently evaluating the situation,” Crozer spokesperson Lori Bookbinder told The Philadelphia Inquirer.

Eastern Connecticut Health Network, which is owned by Prospect, said on its website Monday, “Prospect Medical Holdings facilities are experiencing IT complications impacting some ECHN locations and services.”

Eastern Connecticut says elective surgeries, GI procedures and outpatient physical therapy are postponed until further notice. In addition, outpatient blood draws and outpatient medical imaging at two facilities have been postponed. Eastern Connecticut’s emergency rooms have remained open, but ambulances were temporarily diverted until Friday morning, CNN reported.

CharterCARE in Rhode Island said its operations have been disrupted due to the “data security incident” affecting Prospect Medical Holdings.

“While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible,” CharterCARE said on its website.

CharterCare is accepting walk-ins in the emergency departments of its two hospitals, and surgeries are continuing as scheduled, unless patients are notified of changes. CharterCARE said late last week that its computers were down, affecting inpatient and outpatient operations at Our Lady of Fatima Hospital and Roger Williams Medical Center, and the facilities were using paper records.

Tens of millions of Americans have already been affected by health data breaches in 2023. HCA Healthcare said in July that it suffered a data breach affecting as many as 11 million people. HCA said last month the breach appears to be “a theft from an external storage location exclusively used to automate the formatting of email messages.”

Hospitals have seen more ransomware attacks in recent months, John Riggi, national advisor for cybersecurity and risk for the American Hospital Association, told Chief Healthcare Executive® in a July interview. More than 220 cyberattacks have targeted hospitals and health systems from January through late June, Riggi said.

Hospitals must work with other health systems in their area to develop regional response plans to cyberattacks, Riggi says. Scripps Health suffered a cyberattack in 2021 that disrupted patient services, and the attack also affected other hospitals that had to accommodate stroke patients and other transfers, according to a study published by JAMA Network Open.

“It’s what I call ransomware blast radius,” Riggi said in the July interview. “The original victim is hit, but there is a collateral effect throughout the entire healthcare region.”

Healthcare data breaches continue to be more costly. The average healthcare data breach cost nearly $11 million, according to an IBM Security report released in July. Data breaches in healthcare are more expensive than any other industry, the report found.

Beyond the cost in dollars, cybersecurity experts are drawing more attention to the risks of ransomware attacks to patient care. If procedures are delayed or patients have to be transferred, hospitals face growing risks to patient safety, experts say.

“These are threat-to-life crimes,” Riggi told Chief Healthcare Executive in July. “These are not data crimes. These are not white-collar crimes. And the adversaries have to understand, when we are diverting ambulances with stroke, heart attack and trauma patients, people's lives are at risk.”

Steve Cagle, CEO of Clearwater, a cybersecurity firm, spoke with Chief Healthcare Executive about creating a culture of cybersecurity in this video.


Related Videos
Image credit: ©Shevchukandrey - stock.adobe.com
Image: Ron Southwick, Chief Healthcare Executive
Image credit: HIMSS
Related Content
Image credit: Walmart

Walmart’s ‘stunning’ decision to close health centers a blow to rural America

May 1st 2024
Article

The retail giant announced Tuesday that it is shuttering its clinics. Some had hoped that Walmart could help fill a gap in delivering care to smaller, underserved communities.

Why preventive medicine needs more support | Healthy Bottom Line podcast

Why preventive medicine needs more support | Healthy Bottom Line podcast

April 16th 2024
Podcast

Mirza Rahman, president of the American College of Preventive Medicine, talks about the need for more federal support for residency programs and a greater appreciation for population health.

Image credit: UCSF Health (Rendering: © Herzog & de Meuron)

UCSF Health plans $4.3 billion hospital as ‘future of our field’

April 30th 2024
Article

The new hospital represents the biggest investment in UCSF Health’s history, officials say. The project is part of a large project to transform the system’s flagship campus.

The rise of third party cyberattacks in healthcare | Data Book podcast

The rise of third party cyberattacks in healthcare | Data Book podcast

March 11th 2024
Podcast

Dan Dodson, the CEO of Fortified Health Security, talks about the risks to hospitals, AI in attacks and defense, and what health systems can do to protect themselves.

Image: Kaiser Permanente

Kaiser Permanente medical school appoints dean and CEO, and more | MED MOVES

April 29th 2024
Article

Banner Health names its first chief technology officer.

Image credit: ©nito - stock.adobe.com

Effectiveness of managing conditions with remote patient monitoring | Viewpoint

April 28th 2024
Article

RPM has become essential in healthcare, especially for management of patients with asthma, diabetes, hypertension, and other health issues.

© 2024 MJH Life Sciences

All rights reserved.