Cyberattack Forces Emergency Room Closures and Ambulance Diversions at Several Hospitals

In a targeted ransomware attack, cybercriminals struck the computer systems of Prospect Medical Holdings, a Los Angeles-based health care provider with hospitals and clinics across Connecticut, Pennsylvania, Rhode Island, and Texas. As a consequence, emergency rooms in multiple states were forced to shut down, and ambulance services were diverted. In response to the incident, Prospect Medical is actively investigating the breach’s origins and is diligently working to resolve the issue, as stated in a press release on Friday.

“Prospect Medical Holdings, Inc. recently experienced a data security incident that has disrupted our operations,” the company said in a statement. “Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists. While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible.”

On Friday night, the FBI announced its initiation of an investigation into the breach as well. The agency also issued a statement saying, “We continue to encourage anyone who thinks they are a victim of this incident to report to ic3.gov or your local FBI field office.”

The Pennsylvania Association of Staff Nurses and Allied Professionals, representing the nurses’ union at Crozer-Chester Medical System in Springfield, revealed that the hospital has switched back to a paper-based system due to the majority of computers being offline. According to the labor group, it is not expected that the computers will be restored to full functionality until next week.

Law enforcement officials also mentioned that the cyberattack also affected two hospitals in Rhode Island, named Roger Williams Medical Center and Our Lady of Fatima.

IBM’s annual report on data breaches reveals that the healthcare industry remains the primary global target for cyberattacks. For the 13th consecutive year, this sector has reported the priciest breaches, with an average of $11 million per incident. This staggering figure is nearly double the average impact experienced by the second-largest sector, finance, which stands at $5.9 million per breach.

According to John Riggi, the American Hospital Association’s senior cybersecurity advisor, the recovery process can be time-consuming, often extending to weeks. During this period, hospitals may resort to paper systems, and personnel may take on the responsibility of manually monitoring equipment or transporting records between different departments.

Due to the data breach, the emergency room departments of Manchester Memorial and Rockville General hospitals in Connecticut were compelled to shut down on Thursday. Hospital authorities diverted patients to neighboring medical centers as a result. Moreover, all health care facilities owned by Prospect Medical are currently grappling with IT complications, leading to the closure of numerous services, including elective surgeries and urgent care. The company has stated on its website that podiatry, wound care, women’s wellness, and gastroenterology services have also been temporarily suspended.

“Our computer systems are down with the outage affecting all Waterbury Health inpatient and outpatient operations. We are in the process of reevaluating our downtime capabilities and may reschedule some appointments. Affected patients will be contacted,” Prospect Medical’s hospital in Waterbury, Connecticut, posted on its Facebook page.

The impact of the attack in Pennsylvania extended to various Crozer Health facilities, such as the Crozer-Chester Medical Center in Upland and Taylor Hospital in Ridley Park. Last year, Crozer had already closed crucial health care services, including emergency services at Springfield Hospital and Delaware County Memorial Hospital, as mentioned on the Delaware County website.

Apex Technology Management has earned a reputation as a dependable and trustworthy partner for businesses and municipalities throughout California. Our primary focus on Cybersecurity emphasizes the significance of recognizing potential risks and proactively addressing them. Our team approach includes proficient IT and Cybersecurity experts who are fully equipped to lead you through this endeavor, offering a thorough assessment of your organization’s vulnerabilities and a personalized action plan to safeguard your operations. By teaming up with Apex Technology Management, you can have peace of mind, knowing that your business is safe, secure, and stable. This will allow you to concentrate on what truly matters: your core operations and business growth.

Sources: https://www.cbsnews.com/news/prospect-medical-cyberattack-california-pennsylvania-hospital/