Updates on 10 hospital malware attacks

Malware and ransomware attacks have hit hospital IT systems, disrupting clinical care and requiring clinicians to revert to paper records.

Hospitals typically take their systems down when an IT security incident is identified, investigate the hack and then work to restore systems and normal operations. But in the meantime, hospitals are less efficient and may halt some nonurgent services. Here is an update on 10 recent cyberattacks.

1. Hendrick Health in Abilene, Texas, reported on Nov. 9 that it shut down its IT network after a security threat. The three-hospital health system is coordinating with industry experts and law enforcement to investigate the issue.

2. On Oct. 29, Burlington-based University of Vermont Health Network reported a significant systemwide IT issue. On Nov. 2, UVM Medical Center said the health system was still experiencing outages and asked its patients to avoid contacting the health system with nonurgent matters until the issue is resolved. UVM Medical Center reassigned or furloughed about 300 workers who were unable to perform their regular jobs during the outage. The state also deployed the National Guard's cybersecurity team on Nov. 4 to aid in recovery efforts.

3. An Oct. 27 ransomware attack prompted Sky Lakes Medical Center in Klamath Falls, Ore., to take its computer system offline. The hospital said it plans to replace 2,000 computers and purchase new servers due to the attack. Sky Lakes is still restoring its IT systems, prioritizing clinical systems.

4. St. Lawrence Health System in Upstate New York was hit by ransomware Oct. 27. The three-hospital health system disconnected its IT systems and began restoring them shortly after the Ryuk ransomware was identified. St. Lawrence was able to bring its computer network back online in 10 days.

5. SoutheastHEALTH in Cape Girardeau, Mo., said it experienced an unusual amount of external system traffic on Oct. 14 and shut down its computer network to avoid a breach. The hospital brought its computer system fully back online by Oct. 17 and said no personal health information had been compromised.

6. Dickinson County Health System in Iron Mountain, Mich., discovered a malware attack on Oct. 17 and shut down its IT system. The health system implemented downtime protocols and kept its patient services and emergency departments open. The Daily Mountain News reported the health system's computer systems were back online Nov. 10.

7. Sonoma (Calif.) Valley Hospital said it shut down its computer system after an Oct. 11 security incident. The hackers gained access to several gigabytes of data, much of which was images, and workers reverted to using paper records during the downtime, the hospital revealed during a board call on Nov. 6. The hospital is still restoring its 75 systems and 215 work stations. Sonoma Valley said it will replace 50 computers as a result of the attack.

8. Ashtabula (Ohio) County Medical Center reported a cyberattack Sept. 21 that forced its computer systems offline. The hospital postponed some surgical procedures during the outage. It reopened its inpatient unit Oct. 13.

9. Lawrence (Mass.) General Hospital identified a data security incident Sept. 19 that disrupted its IT operations and exposed some patient information.

10. Cone Health in Greensboro, N.C., reported Nov. 4 that it was unable to recover patient data lost in a July ransomware attack on one of its practices. Alamance Skin Care in Burlington, N.C., said that although patient data wasn't stolen in attack, data involved in the attack couldn't be recovered.

More articles on cybersecurity:
KLAS: Top 9 healthcare IoT security platforms chosen by healthcare organizations
AMA: 5 ways physicians can combat cybercrime during the pandemic
Hospitals tighten email security, restrict external messages to prevent ransomware


Copyright © 2023 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars