A health system company, Prospect Medical Holdings, is facing a ransomware attack that is disrupting operations in 17 hospitals and 166 outpatient clinics.
Prospect Medical Holdings, a Los Angeles-based private equity firm, first disclosed the breach on August 3rd. The situation is ongoing and limited information is available. Here’s what we know so far.
Hospitals and clinics across Connecticut, Pennsylvania, Rhode Island, and Southern California were affected.
According to an AP report, hospitals and clinics are facing varying degrees of disruption. Eastern Connecticut Health Network, for instance, has a number of services suspended, including elective surgeries, outpatient blood draws, and physical therapy. Other hospitals were forced to shut down and divert patients to nearby facilities. At one hospital in Waterbury, Connecticut, the hospital continued operating but used only paper as part of their “downtime” procedure.
While several individual hospitals have stated that it is a ransomware attack, Prospect Medical Holdings has yet to confirm or deny the claim.
Unfortunately, ransomware attacks against hospitals are increasingly frequent and can lead to delays in treatment. In some cases, the financial implications can also be devastating, particularly in rural areas.
Attacks have become more and more sophisticated and difficult to prevent. In the face of them, many experts advise hospitals to avoid paying the ransom, which can encourage the attackers to continue their work.
Read more: Refusal to pay is the newest strategy to combat ransom attacks
In a statement on Friday, the company said it took systems offline and is now working with third-party cybersecurity specialists. The FBI may also be conducting a separate investigation.
The company stated, “While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible.”
The AP report detailed the serious nature of cyber attacks such as these. John Riggi, the American Hospital Association’s national advisor for cybersecurity and risk, said the recovery process can take weeks. “These are threat-to-life crimes, which risk not only the safety of the patients within the hospital, but also risk the safety of the entire community that depends on the availability of that emergency department to be there,” says Riggi.
While Prospect Medical Holdings has yet to confirm, a spokesperson for the Eastern Connecticut Health Network stated, “It was a ransomware attack…We are unsure at this time of the extent of that attack. We have a prospect team that is working on that.”
The case at Prospect Medical Holdings is still developing, and it’s unclear how much data may have been stolen. While no ransom organization has taken credit for the attack, it’s likely that one will in the coming days.
While many hospitals are able to operate to a certain extent, some are left floundering without their data systems available for use. Even when the hospitals are fully operational again, it will still take time to recover fully.
Related: HIPAA Compliant Email: The Definitive Guide