Ransomware Attack on Ardent Health Services Causes Disruption at Hospitals

Bond Schoeneck & King PLLC
Contact

Bond Schoeneck & King PLLC

[co-author: Victoria Okraszewski]*

On Nov. 27, 2023, Nashville-based healthcare corporation Ardent Health Services (Ardent) announced that a ransomware attack impacted 30 of its hospitals and forced the shutdown of several emergency rooms in at least three states. This announcement came days after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) notified Ardent of suspicious activity in its environment.

Over Thanksgiving weekend, Ardent launched an investigation into the network activity and notified law enforcement. Ardent also engaged third-party forensic and threat intelligence advisers to investigate the breach and assist with restoring its information technology operations. On Nov. 23, investigators were able to confirm the suspicious activity was a ransomware attack.

To contain the threat, Ardent has taken its network offline and suspended access to its information technology applications for all users, including its corporate servers, Epic software, internet and clinical programs. As a result, many non-urgent elective surgeries will be rescheduled after Ardent’s network is restored. As of November 28, half of Ardent’s 25 emergency rooms were diverting patients requiring immediate care to other local hospitals. To date, Ardent has not commented on whether health records or financial information have been compromised.

Key Takeaways

The ransomware attack on Ardent demonstrates the real-time severity of impact that cyberattacks targeting large health care organizations can have on the patients they serve. A health care provider’s sudden loss of data can create ripple effects that impact a patient’s ability to receive medical care for weeks or even months after a threat has been contained. Further, a recent study showed that during a ransomware attack, in-hospital mortality increases by 20-25%. Health care companies should take steps to preserve the integrity of data by creating frequent backups of sensitive records that are stored on a separate and secure network.

Ardent’s unfortunate incident is not an anomaly. Hospitals and other healthcare facilities remain a high-value target for cybercriminals due to these organizations’ large troves of sensitive data, and heavy reliance on technology to provide critical patient care, including maintenance of electronic health records necessary for physicians to rely upon for patient evaluation and diagnosis. Just this year, several other health care organizations throughout the country have suffered similar cyberattacks. For example, Nevada-based medical transportation company Perry Johnson & Associates experienced a cyberattack that impacted two healthcare providers in New York State. During the breach, Social Security numbers and medical information were accessed by the cybercriminal. This prompted New York Attorney General Letitia James to warn affected New York residents to take preventative action against identity theft.

*Special thanks to Associate Trainee Victoria Okraszewski for her assistance in the preparation of this blast. Victoria is not yet admitted to practice law.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Bond Schoeneck & King PLLC

Written by:

Bond Schoeneck & King PLLC
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Bond Schoeneck & King PLLC on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide