The healthcare industry is now the hardest-hit by cyberattacks in the year ending in March according to IBM’s annual report on data breaches.
Healthcare providers are a prime target for criminal extortionists because of their sensitive patient data, including health care histories, payment information, and even critical research data.
Hospitals and clinics across several states began the arduous process of recovering from this latest cyberattack that disrupted their computer systems, forcing some emergency rooms to close down and ambulances being diverted.
John Riggi, National Advisory for Cybersecurity and Risk at the American Hospital Association (AHA), stated that these threats put not only patients within the hospital at risk but also endanger entire communities depending on those hospitals’ availability.
This “data security incident” was first recognized by Prospect Medical Holdings on Thursday with its affected facilities located throughout California as well as Texas, Connecticut, Rhode Island and Pennsylvania.
The company released a statement saying it had taken its systems offline in order to protect them while conducting an investigation with third-party cybersecurity specialists.
The White House is keeping track of this situation with assistance offered from Department of Health and Human Services if needed.
Due to this cyberattack recovery can take weeks according to John Riggi from AHA as hospitals revert back to paper systems and human labor instead of automated processes such as monitoring equipment or transferring records between departments.
In Connecticut, Manchester Memorial Hospital’s emergency department closed all day Thursday with Rockville General Hospital experiencing similar disruptions.
Eastern Connecticut Health Network COO Jillian Menzel reported that they have a national Prospect team examining impact across organizations while the FBI issued a statement confirming they are involved in aid of victim entities without providing further details regarding investigation progress due to confidentiality purposes.
It is yet unknown whether it was an extortive ransomware attack although it has all corresponding signs.
