Ambulance with flashing lights showing cyber attack disrupted hospital systems

Cyber Attack Crippled Hospital Systems Disrupting Healthcare Services Across Several U.S. States

A cyber attack has disrupted hospital systems across the United States, forcing healthcare facilities to halt operations, reschedule appointments, and divert ambulances.

Prospect Medical Holdings said it took the impacted systems offline to prevent further compromise after experiencing a “data security incident.” Additionally, the healthcare provider launched an investigation with third-party cyber experts and was working with IT teams to resolve the incident.

Prospect Medical Holdings operates out of California and has several hospitals, including the Southern California Hospital at Hollywood and numerous clinics there and in Texas, Connecticut, Rhode Island, and Pennsylvania.

Hospitals suspend healthcare services after cyber attack disrupts hospital systems

The cyber attack impacted all healthcare facilities dependent on Prospect’s hospital systems, forcing them to seek alternative solutions.

In Connecticut, the emergency departments at Manchester Memorial and Rockville General Hospital were closed on Thursday, and patients were diverted to other nearby medical centers.

The cyber attack also impacted primary care services at Waterbury Hospital, forcing the facility to reschedule appointments and resort to manual systems.

“Waterbury Hospital is following downtime procedures, including the use of paper records until the situation is resolved,” the hospital issued a statement saying it is working with IT security experts to restore operations.

The Eastern Connecticut Health Network (ECHN), which runs Prospect’s facilities in 19 towns in the region, indefinitely suspended surgery and GI procedures, outpatient medical imaging (M-F), outpatient blood draw, urgent care, and wound care (M-F).

“We are reaching out to patients whose care appointments may be impacted today. We will continue to provide information as we receive updates,” the network said.

The FBI in Connecticut said it was in contact with its partner law enforcement agencies and the victims but could not comment further on an ongoing investigation.

According to the National Security Council spokesperson Adrienne Watson, the Department of Health and Human Services was in contact with the company, and federal assistance was available if needed.

The cyber attack also impacted several facilities in Pennsylvania, including the Crozer Chester Medical Center, Taylor Hospital in Ridley Park, Delaware County Memorial Hospital, and Springfield Hospital.

Prospect Medical Holdings has yet to disclose the nature of the cyber attack, but medical officials in Pennsylvania revealed it was a ransomware attack.

“We have experienced a ransomware attack that is Prospect-wide, and are currently evaluating the situation,” Crozer spokesperson Lori Bookbinder told the Philadelphia Inquirer. “We will provide updates as appropriate.”

The cyber attack impacted at least 16 hospitals and over 100 other medical facilities dependent on Prospect’s hospital systems.

Impact of cyber attack on healthcare services

It remains unclear if the Prospect cyber attack has resulted in mortalities, which is a likely outcome, according to 23% of respondents in a study by Ponemon Institute and cybersecurity firm Proofpoint. Apart from the loss of lives, healthcare data breaches are the most expensive for the 13th consecutive year, averaging $10.93 million, according to IBM’s Cost of a Data Breach Report 2023.

According to John Riggi, Senior Advisor for Cybersecurity and Risk, American Hospital Association, ransomware attacks are not ordinary crimes but “threat-to-life crimes” which “directly threaten a hospital’s ability to provide patient care.”

Prospect has not given a timeline for restoring impacted hospital systems, but the process could take weeks. According to ECHN Chief Operating Officer Jillian Menzel, a national Prospect team was working to restore the impacted hospital systems.

Meanwhile, no ransomware group has publicly taken responsibility for the attack on Prospect’s hospital systems.

Healthcare remains a prime target of financially-motivated and state-sponsored attacks, with Prospect’s cyber attack marking the 157th healthcare breach in 2023.

In February 2023, the NSA, FBI, CISA, U.S. Department of Health and Human Services (HHS), and the Republic of Korea issued a joint cybersecurity advisory about North Korea targeting healthcare institutions in both countries.