Ransomware attack affects hospitals in several states

A cyberattack has affected hospitals operating in several states, delaying some surgical procedures and prompting some facilities to divert ambulances to other hospitals.

Ardent Health Services confirmed in a statement Monday that it has suffered what it described as a ransomware attack, which was first discovered around Thanksgiving. Ardent operates 30 hospitals and more than 200 sites of care in six states.

Ardent says its hospitals are continuing to care for patients. All of Ardent’s hospitals are providing stabilizing care to any patients arriving in emergency departments, the system said.

“We continue to provide care in our hospitals, clinics and emergency rooms with no adverse impacts,” Ardent said in a statement.

Still, Ardent acknowledges there have been some disruptions. Some elective surgeries are being rescheduled for later dates. In addition, some hospitals were asking local ambulance services to take patients to other facilities. UT Health East Texas had diverted ambulances in recent days, but a spokesperson confirmed Monday that the diversion has ended.

Read more: Emerging cybersecurity threats in healthcare

Ardent said Monday that the system hasn’t determined how many individuals may be affected or the extent of the exposure of patients’ private health information or financial data.

Electronic medical records are offline, and Ardent said its MyChart services and on-demand video visits are temporarily unavailable. Ardent said Monday it’s hoping to restore all systems as soon as possible, but the organization doesn’t have a firm timeline.

“The investigation and restoration of access to electronic medical records and other clinical systems is ongoing,” Ardent said in a statement. “Ardent is still determining the full impact of this event and it is too soon to know how long this will take or what data may be involved in this incident.”

The organization says it discovered a cybersecurity incident on Nov. 23 (Thanksgiving Day), and later confirmed that it was indeed a ransomware attack. Ardent says it has notified law enforcement and its staff are working to restore its systems and protect patient data.

“Ardent proactively took its network offline, suspending all user access to its information technology applications, including corporate servers, Epic software, internet and clinical programs,” the system said.

The system also said it is working with cybersecurity professionals and threat intelligence advisers.

With UT Health East Texas diverting patients temporarily, CHRISTUS Health saw an increase in patient volume in its northeast Texas region, a CHRISTUS spokesperson said. CHRISTUS adjusted staffing to ensure that its faciliites could handle the increased traffic.

BSA Health System in Amarillo, Texas, a part of Ardent, temporarily diverted patients as a result of the ransomware attack, KVII-TV of Amarillo reported.

Lovelace Health System in New Mexico, also part of Ardent, diverted ambulances due to the cyberattack and has postponed some procedures, KOAT-TV reported. A Lovelace spokesperson said all Lovelace facilities are being affected to some degree.

Hillcrest Health System in Oklahoma also temporarily diverted some patients and its MyChart system is down, the Tulsa World reported.

Ardent hospitals in New Jersey, Hackensack Meridian Mountainside Medical Center and Hackensack Meridian Pasack Valley Medical Center, have also been affected, posting on social media that its MyChart and video visit services are unavailable.

Millions of Americans have been affected by cyberattacks and breaches of their personal health information. So far this year, 88 million individuals have been affected by breaches of private health data, a 60% increase over the previous year, according to the U.S. Department of Health & Human Services.

More hospitals and healthcare organizations have suffered ransomware attacks this year. In the first half of 2023, more than 220 hospitals were affected by cyberattacks, according to the American Hospital Association.

HCA Healthcare, the nation’s largest for-profit hospital system, said in July that it suffered a cyberattack that may have affected as many as 11 million individuals.

Federal authorities urge hospitals not to give in and pay ransom demands from hackers, saying it emboldens criminals to pursue other attacks. Cybersecurity professionals also say there’s no guarantee ransomware groups will fully restore systems or return data. Still, even cybersecurity pros concede that it’s a difficult decision, because ransomware attacks threaten patient safety.

Cybersecurity experts talked with Chief Healthcare Executive® recently about emerging threats facing hospitals and health systems.