Hospital Computers Offline for Weeks Due to Cyberattack

This post is also available in: עברית (Hebrew)

Important computer systems at hospitals and clinics have been offline for over two weeks after a cyberattack forced emergency room shutdowns and ambulance diversions. According to Prospect Medical Holdings, progress is being made “to recover critical systems and restore their integrity,” but the company, which runs 16 hospitals and dozens of other medical facilities in various states could not say when operations will return to normal.

The recovery process for this situation can often take weeks, and in the meantime, hospitals are reverting to paper systems and people to monitor equipment, run records between departments, and do other tasks that are usually electronic.

The said attack was announced on August 3rd, and despite having all the signs of extortive ransomware, officials would neither confirm nor deny this. Because of the attack some elective surgeries, outpatient appointments, blood drives, and other services are still postponed.

Since the attack, the hospital in Waterbury has been using paper records instead of computer files but is no longer diverting trauma and stroke patients to other facilities, according to spokeswoman Lauresha Xhihani.

According to IBM’s annual report on data breaches, the healthcare industry was globally hit the hardest by cyberattacks this past year, reporting for the 13th year the most expensive breaches, each averaging $11 million. The reason healthcare providers are a common target for criminal extortionists is that they have sensitive patient data, including histories, payment information, and even critical research data.