Breach Notification , Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime

2 Healthcare Systems Recovering From Cyberattacks

Sanford Health, Eskenazi Health Experience Disruptions in Services
2 Healthcare Systems Recovering From Cyberattacks

Two more healthcare systems are recovering from cyberattacks - both apparently involving ransomware - that are causing disruptions in service.

See Also: S&P 400 Financial Services Leader's Choice for Advanced Malware Protection: A Case Study

On Thursday, Sioux Falls, South Dakota-based Sanford Health and Indianapolis, Indiana-based Eskenazi Health were both still recovering from cyberattacks - both apparently involving ransomware - they each detected earlier this week.

Sanford Health Incident

Sanford Health's IT information staff was alerted Tuesday evening that its network was experiencing "a hacking disruption," local media outlet Argus Leader reports.

Sanford Health includes 46 hospitals, 1,525 physicians and more than 200 senior care locations in 26 states and 10 countries, according to its website.

"Sanford Health has experienced an attempted cybersecurity incident, and we are taking aggressive measures to contain the impact," Sanford Health's CEO Bill Gassen says in a statement provided to Information Security Media Group.

"Providing patients with exceptional care is our top priority and we are doing everything possible to minimize disruption," Gassen said. "At this time, no known patient, resident or employee personal or financial information has been compromised. We have engaged leading IT security experts to assist in the response and have notified and will be working closely with federal authorities."

Sanford Health did not immediately respond to ISMG's request for additional details about the incident, including whether ransomware was involved. But the security firm Emsisoft reports the organization was apparently a ransomware victim.

Eskenazi Health Incident

Meanwhile, Indianapolis-based Eskenazi Health began diverting ambulances to other facilities early Wednesday morning after the discovery of an "attempted" ransomware attack, reports local news site Indy Star.

The hospital reportedly shut down its network, including email, electronic medical records, and its website out of "an abundance of caution," Eskenazi Health told the Indy Star.

As of Thursday morning, Eskenazi Health's website still appeared to be offline.

Eskenazi Health, which operates a public healthcare system in Marion County, Indiana, includes a 315-bed medical center.

An Eskenazi Health spokesman on Thursday confirmed to ISMG that the "attempted attack" involved ransomware.

"We brought the system offline to remediate the attack. Our monitoring systems functioned as they should, and out of an abundance of caution, and to maintain the safety and integrity of our patient care, we have proactively shut down our network. Our current monitoring indicates that no patient or employee data has been compromised. We are working system by system with a high level of due diligence to analyze all systems before bringing them back online."

Sector Being Targeted

"Attacks on healthcare and other critical infrastructure sectors will continue despite the 'commitment’ made by certain threat groups" not to carry out such assaults, says Brett Callow, threat analyst at security firm Emsisoft.

"Ransomware is far too profitable to simply go away. Realistically, the only way we’ll make a dent in the problem is via a raft of policy measures designed to help organizations bolster their security, increase cybercriminals' risk and decrease their ROI," he says.

"While government is certainly taking steps in the right direction, it will take time for the measures being implemented to have any significant impact."

In tweets posted Wednesday, Callow asserts that Sanford Health and Eskenazi Health are among at least three dozen U.S. healthcare delivery systems to be hit by ransomware so far this year.

Of those, 18 have had data, including protected health information, stolen and released online, he adds.

Scripps Health and UF Health Central Florida are also among healthcare organizations experiencing recent cyber incidents, including ransomware.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.