The California-based Prospect Medical Holdings has been hit with a ransomware attack that has forced a shutdown for hospitals across multiple states. Recovery efforts are on the way.
The days-long security incident started last Tuesday, and many hospitals remain affected nearly a week later, a spokesperson for the healthcare group said. The company operates 16 hospitals and over 165 clinics and outpatient facilities across four states: California, Connecticut, Pennsylvania and Rhode Island.
It's another example of the dangers behind cyber attacks on the healthcare industry, which remains one of the most attractive targets for ransomware groups.
Emergency Rooms Close, Hospitals Use Paper Records
Prospect Medical Holdings revealed the company-wide ransomware attack with an announcement post noting a “data security incident that has disrupted our operations.”
Springfield, Pennsylvania's Crozer-Chester Medical System (CCMS) has reverted to old-school paper records, as many of its computers have gone offline. Representatives of this system have confirmed that the “security incident” was indeed a ransomware attack.
🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get TWO months of Surfshark VPN FREE using this Tech.co special offer.
According to other reports, “many” primary care services remained closed for the majority of last week, including emergency rooms.
How Bad Is the Damage?
The company says that it has taken its systems offline in response in order to “protect” them and is investigating with the aid of “third-party cybersecurity specialists.” Operations have yet to return to normal, but the notice mentions a few details about the 16 hospitals under its purview:
- Hospitals continue to accept walk-ins through the emergency departments.
- Scheduled surgical procedures remain as planned unless patients are otherwise notified by their physician’s office.
- Visiting hours are not affected.
This is far from an isolated incident, however: According to the latest healthcare stats, a minimum of 21 systems in the US have dealt with ransomware in 2023 alone, for a total of 50 hospitals affected.
Why Is Healthcare Such a Big Target?
Ransomware attackers are looking for targets that have a few things to offer: First, they need a large amount of sensitive customer data. Without these databases, there's not much worth ransoming.
Second, the targets need to be large enough that they have a budget that could accommodate a hefty ransom. Healthcare industries fit both those criteria, along with dental, insurance, and many government operations.
In fact, healthcare operations have been more likely to be hit with ransomware than to escape it in recent years: Ransomware attacks hit 66% of healthcare organizations, a 2021 survey found, which was up from just 34% the previous year. Plus, healthcare attacks are more likely to see a ransom paid out, according to the same data.
If your hospital might be at risk, your best options are to have a cybersecurity team standing by to assist — as well as training your staff on how to spot the phishing tactics that can give attackers a foothold.