Updates on 5 hospital cyberattacks

Several hospitals and healthcare providers were hit by cyberattacks in October, including six ransomware attacks in 24 hours.

Here are updates on five of those attacks.

1. An Oct. 27 ransomware attack prompted Sky Lakes Medical Center in Klamath Falls, Ore., to take its computer system offline. The hospital delayed services requiring imaging but maintained operations. In an Oct. 31 Facebook post, the hospital said it still was investigating the Ryuk malware attack on its computers and was using paper records as its IT team worked to restore its systems.

2. St. Lawrence Health System in Upstate New York also was hit by ransomware Oct. 27. The three-hospital health system disconnected its IT systems and began restoring them shortly after the Ryuk ransomware was identified. The health system was still experiencing outages as of Oct. 30, according to a Watertown Daily Times report.

3. On Oct. 29, Burlington-based University of Vermont Health Network reported a significant systemwide IT issue. Some appointments and elective surgeries were delayed due to the outage, and patients were unable to access their online portals. On Nov. 2, UVM Medical Center said the health system was still experiencing outages and asked its patients to avoid contacting the health system with nonurgent matters until the issue is resolved. The hospital remains open for emergency care. Health system officials told the local CBS affiliate that they don't know the cause of the cyberattack but said it was not ransomware.

4. SoutheastHEALTH in Cape Girardeau, Mo., said it experienced an unusual amount of external traffic on Oct. 14 and shut down its computer network to avoid a breach. The hospital brought its computer system fully back online by Oct. 17 and said no personal health information had been compromised.

5. Sonoma (Calif.) Valley Hospital said it shut down its computer system after an Oct. 11 security incident. The hospital said it was unable to post new test results to its patient portal during the shutdown but continued necessary and elective surgeries. In an Oct. 30 update, the hospital said it had experienced a ransomware attack and had taken all electronic systems offline. The hospital said it has not paid the ransom and is cooperating with law enforcement.

The hackers were unable to block access to Sonoma Valley's servers, and the hospital expelled the ransomware from its system, but the cybercriminals may have removed a copy of a subset of data before being locked out, the hospital said. It's also possible some patient information was compromised, according to a statement from the hospital. Sonoma Valley's EHR was not affected by the incident. The hospital said it is working to restore full operations.

More articles on cybersecurity:
Hackers target Microsoft Windows vulnerability: 5 details
Ohio hospital accidentally posted protected health info online: 4 details
Nearly 700,000 health records breached in October

 

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.