Hospitals across three different states were forced to divert patients from emergency rooms and reschedule elective procedures after their parent company was hit with a ransomware attack last week.
According to CheckPoint, “Ransomware is a malware designed to deny a user or organization access to files on their computer. By encrypting these files and demanding a ransom payment for the decryption key, cyberattackers place organizations in a position where paying the ransom is the easiest and cheapest way to regain access to their files.”
Ardent Health Services, the parent company of more than 30 hospitals across the United States, reported that they had been victims of a ransomware attack in Texas, New Mexico and Oklahoma. According to the company, the attack took place on November 23, which was Thanksgiving Day — likely a busy day for hospitals, as most holidays are.
“In an abundance of caution, our facilities are rescheduling some non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online,” the company explained in a press release.
As of Monday morning, several hospitals were still unable to accept ambulances due to the attack — including a 263-bed hospital in Albuquerque, New Mexico; a 365-bed hospital in Montclair, New Jersey; and several hospitals in East Texas.
Patient care “continues to be delivered safely and effectively in its hospitals, emergency rooms, and clinics,” Ardent Health Services noted in a statement on Monday.
The company reported that the ransomware attack shut down their computer systems, including clinical programs and Epic Systems — a software program used to track health records of patients.
While many argue that it is easier and cheaper to just pay the ransom in these situations to regain access to computer systems, the FBI has consistently maintained that ransomware attack victims should not give in to the demands.
Since 2019, ransomware attacks against hospital chains have been fairly common — including at least one instance where a ransomware attack was a major factor in one large hospital’s closure. There have been more than 35 ransomware attacks against U.S. healthcare providers thus far in 2023, according to experts.