Ransomware Attack Shuts Down Emergency Rooms Across Four States

A ransomware attack on Prospect Medical Holdings had life-threatening implications last week as hospitals in four states were forced to shut down emergency rooms and divert ambulances to alternative facilities.

Prospect Medical Holdings (Prospect) describes the attack as a “data security incident that has disrupted our operations”. Shortly after the initial detection on August 3rd, Prospect formally disclosed the incident.

Once the incident was detected, Prospect immediately took their systems offline, which caused emergency rooms and clinics in their system to shut down operations in 16 hospitals across Pennsylvania, Rhode Island, California and Connecticut – creating a ripple effect on ambulance routes, hospital volumes and most importantly, patients.

According to reports, the impacted Pennsylvania facilities are primarily in the Philadelphia region, including Crozer-Chester Medical Center in Upland, Taylor Hospital in Ridley Park, Delaware County Memorial Hospital in Drexel Hill and Springfield Hospital in Springfield.

While some hospitals operated through the attack using pen and paper, some facilities estimated it may take at least a week to completely recover.

In addition to emergency rooms shutting down, the attack also reportedly disrupted key operations, including outpatient appointments, surgical procedures, blood drives and ambulance routes. Elective surgeries and urgent care in Connecticut were also halted, according to the Eastern Connecticut Health Network, as well as podiatry, wound care, women's wellness and gastroenterology services.

This attack is a staunch reminder that the healthcare industry will always have a target on their back as outages like this put human lives at risk. The attack directly prevented the availability of emergency health services while simultaneously straining resources at other facilities due to rerouting ambulances and patients.

Thankfully, there are no reports of the attack causing any deaths or complications; however, it is eerily reminiscent of the Duesseldorf University Hospital incident that resulted in one death due to emergency services being unavailable, as well as the CommonSpirit Health attack this past October that resulted in similar system outages and hospital closures.

The FBI and White House are currently investigating the incident, and as of the publication of this article, no ransomware group has taken credit for the attack.

Ransomware on the Rise in 2023

This attack also dispels the optimism around the idea that ransomware was on the decline due to a decrease in reported ransomware attacks and payments in 2022.

In fact, 2023 is forecasted to be one of the largest years for ransomware revenue, as  recent reports show ransomware victims’ payments totaled nearly $449 million in the first half of 2023 – in comparison to 2022, which didn’t even reach $500 million.

And even if there is a decline in the volume of attacks, at some point, the healthcare industry will most likely still be a top target due to the dangerous impact an outage can have.

About Schneider Downs Cybersecurity

The Schneider Downs Cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.

Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, at www.schneiderdowns.com/subscribe.

To learn more, visit our dedicated Cybersecurity page.

 

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2023 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
SEC Charges SolarWinds and CISO Timothy Brown For Misleading Investors
Think Before You Click: Fake Browser Updates are Back in Style
Protect Your Manufacturers: 3 Common Cyber Attack Methods to Watch Out for in 2023
Protect Your Students, Faculty and Staff: 3 Common Cyber Attack Methods to Watch Out for in 2023
Protect Your Retail Business: 3 Common Cyber Attack Methods to Watch Out for in 2023
Cybersecurity in the Construction Industry
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us
Pittsburgh

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.

×