Ohio’s Kettering Health network announced a cyberattack caused a system-wide outage on Tuesday. This major incident severely impacted its ability to access certain critical patient care systems. As a direct result many scheduled patient procedures were unfortunately canceled for that day. Kettering Health stated they have procedures and plans for these types of emergency situations. They assured continued safe high-quality care for all patients currently within their facilities. While emergency rooms and clinics remained open all elective procedures were indeed canceled. This affected both elective inpatient procedures and also scheduled outpatient procedures on Tuesday. The organization’s main call center operations were also significantly affected by this outage.
Kettering Health also issued a warning to patients regarding recent scam phone call attempts. Callers were falsely impersonating hospital staff to request payments for various medical expenses. It is currently unclear whether these fraudulent calls are directly linked to the outage. Kettering Health stated it will not make calls for phone payments until further notice. This is being done out of an abundance of caution to protect their patients. The healthcare provider has not officially specified the exact type of cyberattack it suffered. However CNN reports that the Interlock ransomware gang was likely responsible for this incident. This notorious group is reportedly threatening to leak data stolen from the organization. They are demanding a ransom payment to prevent the data from being released publicly.
This attack has severely limited Kettering Health’s access to its critical patient care systems.
Their electronic health record systems appear to be among the many affected IT platforms. Appointment scheduling platforms and internal communication tools also seem to be significantly impacted. The organization’s main call center has experienced a complete and total service outage. Kettering Health is a major healthcare provider operating 14 different medical centers. It also runs 120 other facilities including hospitals clinics and stand-alone emergency departments. The network employs over 15,000 individuals and has more than 1,800 affiliated physicians. Ransomware attacks encrypt data with attackers demanding payment for the vital decryption key.
Healthcare is vulnerable due to its critical need for immediate access to patient information.
In response Kettering Health has canceled all elective procedures scheduled for Tuesday May 20th. Despite these major disruptions their emergency rooms and local clinics have remained fully open. The organization has likely reverted to using paper-based systems and various manual processes. These are standard contingency measures implemented during critical healthcare information technology outages. Kettering Health’s leadership has now assembled dedicated response teams to restore all services. They are focused on restoring services “quickly and securely” with cybersecurity expert help. Recovery typically involves isolating networks restoring from backups and adding more security measures. A dedicated webpage provides ongoing updates about the evolving system-wide technology outage situation. This incident highlights growing cybersecurity challenges that are faced by all healthcare organizations. Experts continue to stress proactive security and also comprehensive disaster recovery plans.
Reference:
