Fraud Management & Cybercrime , Healthcare , Industry Specific

Hospital Chain Hit With Ransomware Attack

Ardent Health Services Operates 30 Hospitals, 200 Other Care Facilities in 6 States
Hospital Chain Hit With Ransomware Attack
Hillcrest Hospital in Claremore, Ok. is one of the Ardent Health Services facilities affected by a ransomware attack on the organization.(Image: Ardent Health Services)

Tennessee-based Ardent Health Services, which operates dozens of hospitals and other healthcare facilities in several states, said Monday it is dealing with a ransomware attack that has forced it to divert some patients and cancel or reschedule procedures.

See Also: The Healthcare CISO’s Guide to Medical IoT Security

In a statement posted Monday on its website, Ardent said it had become aware of a cybersecurity incident on Thursday morning, which it determined to be a ransomware attack.

"Ardent proactively took its network offline, suspending all user access to its information technology applications, including corporate servers, Epic software, internet and clinical programs," the organization said.

Ardent, which is based in Brentwood and operates 30 hospitals and more than 200 healthcare sites in six states - Texas, Oklahoma, Kansas, Idaho, New Mexico and New Jersey - said it had reported the incident to law enforcement and retained third-party forensic and threat intelligence advisers.

The organization said it has implemented additional security protocols and is working to restore its IT operations "as quickly as possible."

"In the interim, while this incident results in temporary disruption to certain aspects of Ardent’s clinical and financial operations, patient care continues to be delivered safely and effectively in its hospitals, emergency rooms, and clinics," Ardent said.

But some facilities are rescheduling "non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online," Ardent said.

The organization said restoration of access to its electronic medical records and other clinical systems is ongoing. "Ardent is still determining the full impact of this event and it is too soon to know how long this will take or what data may be involved in this incident. At this time, we cannot confirm the extent of any patient health or financial data that has been compromised."

This is the latest of several attacks on regional healthcare providers in the U.S., Canada and elsewhere.

They include a ransomware attack on TransForm Shared Service Organization, which services hospitals in the Ontario area - Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital.

Those Canadian hospitals have been struggling since the Oct. 23 attack that disrupted access to electronic health records and other critical systems. TransForm has said it expects full recovery to take until at least mid-December (see: Ontario Hospitals Expect Monthlong Ransomware Recovery).


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.