PIH Health faced a major disruption to its operations on December 1, 2024, following a ransomware virus attack that compromised a segment of its network. In response to the breach, the healthcare provider made the decision to take its entire network offline as a precautionary measure. This move affected critical communication systems, including phone lines, voice messages, and internet services, across three hospitals in Downey, Los Angeles, and Whittier, as well as outpatient facilities and home health agencies. The shutdown left patients unable to communicate with their healthcare providers, causing widespread disruption to the delivery of medical services.
To mitigate the impact on patients, phone lines for all three affected hospitals have been rerouted to operators at PIH Health Good Samaritan Hospital, where they remain operational. Despite the significant network challenges, most in-person services have continued without interruption. However, patients with scheduled appointments were advised to arrive earlier than usual as the facilities are operating under downtime procedures. If any procedures were canceled due to the attack, affected patients were informed directly by the hospital.
PIH Health has engaged third-party cyber forensic specialists to assist with the investigation and recovery efforts. The ransomware virus has been isolated, and work is currently underway to securely restore the affected systems. As of now, it remains unclear whether any patient information has been compromised in the attack. Officials have not provided a timeline for when the investigation will conclude or when communication systems will be fully restored. The hospital has assured patients and the public that it is taking all necessary steps to resolve the situation as quickly as possible.
This incident underscores the growing threat of cyberattacks on healthcare providers, which are increasingly targeted for the sensitive data they hold. As healthcare organizations continue to modernize and digitize their operations, they must bolster their cybersecurity measures to prevent such attacks and protect patient privacy. PIH Health’s swift response to the attack and its ongoing recovery efforts will likely serve as a case study for other healthcare providers in managing cybersecurity breaches.
Reference:
