[ad_1]
The emergency rooms at Hackensack Meridian’s Mountainside Medical Center in Montclair and Pascack Valley Medical Center in Westwood are currently on divert status after a network outage due to a potential security incident, Hackensack Meridian Health said.
The incident was a ransomware attack, according to Ardent Health Services, which oversees the two hospitals in a joint venture.
“The Ardent technology team immediately began working to understand the event, safeguard data, and regain functionality,” the company said. “Ardent has reported this event to law enforcement and retained third-party forensic and threat intelligence advisers.
“In addition to electronic protection procedures already in place, Ardent has also implemented additional information technology security protocols and is working with specialist cybersecurity partners to restore its information technology operations and capabilities as quickly as possible,” the statement said. “At this time, we cannot confirm the extent of any patient health or financial data that has been compromised.”
Patient care and other Hackensack Meridian hospitals are not being affected by the incident.
Emergency room patients are still receiving proper care. However, local EMS are being advised to divert patients to other area hospitals while the systems issues are being addressed.
Story continues below photo gallery.
“This ensures critically ill patients have immediate access to the highest level of care as we work to bring our systems back online,” Hackensack Meridian Health said.
Nashville-based Ardent, which operates 30 hospitals nationwide, is currently working to restore full access to facilities and assess the full impact of the incident. They are also conducting a further investigation.
History of cybersecurity attacks
Hackensack Meridian, a network with 18 hospitals and 36,000 employees, is no stranger to cybersecurity attacks.
Smoking:Will smoking be banned in Atlantic City casinos? Lawmakers to consider bill this week
NJ:New law gives more time to grieving relatives to update vehicle registration
In 2019, hackers disabled its computer network for two days, leaving staff members scrambling to reschedule non-emergency surgeries. Doctors and nurses had to deliver care without access to electronic records.
The hospital network paid an undisclosed amount in ransom to stop a cyberattack that had disrupted its computers. At the time, hospital executives said they had insurance to help cover the costs associated with cyberattacks, including payment, remediation and recovery efforts.
Hackers target hospitals nationwide
Hackers began targeting hospitals nationwide more than a decade ago because many had recently converted to digital records from paper. Their data security wasn’t considered as strong as that of banks and other businesses that had been hacked in the past, although advances have been made in recent years.
The attacks often involve ransomware, with hackers disabling systems and promising to return them to normal in return for lucrative payments.
Hospitals are also more likely to pay ransoms, because crippling operations could lead to deadly consequences, security analysts have said.
A successful attack can be costly.
In 2020, Newark’s University Hospital reportedly paid a $670,000 ransomware demand to prevent the publishing of 240 gigabytes of stolen data, including patient information.
Hospitals are prime targets
The number of ransomware attacks on health care organizations more than doubled each year from 2016 to 2021, which exposed the medical information of approximately 42 million patients, according to a study published last year in the Journal of the American Medical Association.
Hospitals are prime targets because they often have a huge network where information needs to be shared among several parties, from physicians to specialists to billing departments, leading to more ways it can be illegally obtained by hackers, said Stanislav Mamonov, a Montclair State University business professor and IT expert.
Hospitals also hold information that can be extremely valuable on the black market.
“They are in possession of a vast amount of personally identifiable information that can fetch three to four times what a social security number can,” he said. “Just because they are asking for a ransom doesn’t mean that’s all they’re after.”
[ad_2]
Source link
