Ransomware attack disrupts care in multiple states

California-based Prospect Medical Holdings suffered a “data security incident” that prompted leaders to temporarily shut down all its IT systems, halt certain clinical operations, and divert ambulance patients to other facilities, major news outlets reported this week. 

The incident began on Thursday, August 4, and has affected Prospect Medical Holdings’ facilities in five states: California, Texas, Connecticut, Rhode Island, and Pennsylvania. The company operates 16 hospitals and more than 165 outpatient centers and clinics in these regions. 

Some facilities, such as Eastern Connecticut Health Network (ECHN), reported diverting ambulances to other emergency departments and suspending key clinical services including elective surgeries, laboratory work, imaging, and a variety of primary care and specialty offerings. 

“It was a ransomware attack,” Jillian Menzel, ECHN’s Chief Operating Officer, told local reporters at Connecticut’s News 8. “We are unsure at this time of the extent of that attack. We have a prospect team that is working on that. There’s a national command center that is working on that currently.”  

Prospect Medical Holdings acted quickly to respond to the problem by simply shutting down all its IT services to potentially prevent further damage.  

“Upon learning of [the data security incident], we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists,” Prospect leaders said in a statement to journalists.  “While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible.” 

 Providers have reverted back to paper records during the disruption to continue providing crucial services to patients, but executives feel confident that safety and quality will not suffer due to the event. 

“Our nurses are very well-versed in the paper process that we have,” Menzel said. “This is why we do drills, every once in a while, to make sure that all the areas are up to date on this process.”  

Meanwhile, the FBI has opened an investigation into the incident, but has provided no further comment on the ongoing case.   

The White House’s National Security Council is also aware of the situation, said spokesperson Adrienne Watson. 

“The Department of Health and Human Services has been in contact with the company to offer federal assistance, and we are ready to provide support as needed to prevent any disruption to patient care as a result of this incident,” she said. 

Ransomware is a common occurrence in the healthcare environment and can be one of the most immediately devastating types of cyberattack.   

In hospitals and other healthcare settings, these attacks can also have widespread downstream effects, including longer total length of stay for patients, increased wait times, and more patients leaving without being seen. These issues ripple outward to other hospitals in the community who are forced to take overspill from the affected facilities and could impact time-sensitive care for life-threatening issues such as heart attacks and stroke. 

To prevent ransomware, or mitigate its effects if it does happen, healthcare organizations must develop strong defenses against intruders, including staff education about phishing and appropriate credential management, the use of multiple cloud service providers and backups to diversify and protect critical operations, and advanced response tools to contain threats as quickly as possible. 

Healthcare leaders can boost their cybersecurity defenses by reviewing the newly updated #StopRansomware guide, published by a coalition of government security and law enforcement agencies, and working in partnership with healthcare security experts to proactively identify areas for improvement and continually monitor potential threats. 

Jennifer Bresnick is a journalist and freelance content creator with a decade of experience in the health IT industry.  Her work has focused on leveraging innovative technology tools to create value, improve health equity, and achieve the promises of the learning health system.  She can be reached at jennifer@inklesscreative.com.