By Jonathan Mattise

A ransomware attack has prompted a health care chain that operates 30 hospitals in six states to divert patients from at least some of its emergency rooms to other hospitals, while putting certain elective procedures on pause, the company announced.

In a statement Monday, Ardent Health Services said the attack occurred Nov. 23 and the company took its network offline, suspending user access to its information technology applications, including the software used to document patient care.

The Nashville, Tennessee-based company said it cannot yet confirm the extent of any patient health or financial information that has been compromised. Ardent says it reported the issue to law enforcement and retained third-party forensic and threat intelligence advisors, while working with cybersecurity specialists to restore IT functions as quickly as possible. There's no timeline yet on when the problems will be resolved.

Ardent owns and operates 30 hospitals and more than 200 care sites with upwards of 1,400 aligned providers in Oklahoma, Texas, New Jersey, New Mexico, Idaho and Kansas.

All of its hospitals are continuing to provide medical screenings and stabilizing care to patients arriving at emergency rooms, the company said.

“Ardent’s hospitals are currently operating on divert, which means hospitals are asking local ambulance services to transport patients in need of emergency care to other area hospitals,” the company said on its website. “This ensures critically ill patients have immediate access to the most appropriate level of care.”

The company said each hospital is evaluating its ability to safely care for patients at its emergency room, and updates on each hospital's status will be provided as efforts to bring them back online continue.

There was no immediate claim of responsibility for the attack. Ransomware criminals do not usually admit to an attack unless the victim refuses to pay.

A recent global study by the cybersecurity firm Sophos found nearly two-thirds of health care organizations were hit by ransomware attacks in the year ending in March, double the rate from two years earlier but a slight dip from 2022. Education was the sector most likely to be hit, with attack saturation at 80%.

Increasingly, ransomware gangs steal data before activating data-scrambling malware that paralyzes networks. The threat of making stolen data public is used to extort payments. That data can also be sold online. Sophos found data theft occurred in one in three ransomware attacks on healthcare organizations.

Analyst Brett Callow at the cybersecurity firm Emsisoft said 25 U.S. healthcare systems with 290 hospitals were hit last year while this year the number is 36 with 128 hospitals. “Of course, not all hospitals within the systems may have been impacted and not all may have been impacted equally,” he said. “Also, improved resilience may have improved recovery times.”

“We’re not in a significantly better position than in previous years, and it may actually be worse,” he said.

“We desperately need to find ways to better protect our hospitals. These incidents put patients' lives at risk — especially when ambulances need to be diverted — and the fact that nobody appears to have yet died is partly due to luck, and that luck will eventually run out,” Callow added.

Most ransomware syndicates are run by Russian speakers based in former Soviet states, out of reach of U.S. law enforcement, though some “affiliates” who do the grunt work of infecting targets and negotiating ransoms live in the West, using the syndicates’ software infrastructure and tools.

The Kremlin tolerates the global ransomware scourge, in part, because of the chaos and economic damage to the West — and as long its interests remain unaffected, U.S. national security officials say.

While industries across the spectrum have been hit by ransomware, a recent attack on China’s biggest bank that affected U.S. Treasury trading represented a rare attack on a financial institution.

Associated Press technology reporter Frank Bajak contributed to this report.

Share:
More In Technology
RapidAPI Raises $150 Million to Empower Developers to Innovate and Build Software Faster with APIs
API platform RapidAPI recently became a unicorn with a $1 billion valuation after raising $150 million in a Series D funding round led by Softbank Vision Two Fund. Microsoft's Venture Fund, M12, and Andreessen Horowitz also participated. RapidAPI says it provides the world's largest API hub which enables millions of developers and companies to build software faster. Iddo Gino, founder and CEO of RapidAPI, joins Cheddar News' Closing Bell to discuss.
Behind Meta Pivot on Name and Ticker Amid Fears of Approaching Recession
Facebook parent Meta officially has changed it’s ticker symbol from ‘FB’ to ‘META’. Paul Meeks, a portfolio manager, Independent Solutions Wealth Management, and a professor of practice in the Baker School of Business at The Citadel, joined Cheddar News to discuss why the tech giant has had to make big changes to its name, its ticker, and its business plans. "When you see what's happening in digital advertising — and there was a slowdown there even before the threat of a recession, which could cause a even more drastic slowdown next year — they had to pivot," he said. Meeks noted he sees Facebook dominating in the metaverse space going forward — whatever that may end up being.
Want to Get in on Long Distance Dating? Bumble's Shan Boodram Has Tips
In a recent Bumble survey, more than a third of respondents revealed that they would be willing to date people in other cities. Shan Boodram, a sex and relationships expert for the app, joined Cheddar News to talk about the long-distance dating trend and tips on how to go about taking part. "I think this is the magic of what we experienced over the past couple of years, is that we have already learned the tools necessary to stay connected with people despite not being able to be close to them," she noted. Boodram also pointed to Bumble's travel mode and using video conferencing in order to ease into such relationships.
Plant-Based Way to Quit Smoking; Innovation in Stroke Therapy
On this episode of Cheddar Innovates: CEO of Achieve Life Sciences discusses a new plant-based compound that's being used to fight nicotine addiction; President & CEO OF DiaMedica Therapeutics explains a new ischemic stroke treatment option that expands the window for effective therapy for stroke patients; Cheddar gets a look at Curiosity Stream's 'Asteroid Rush.'
Hot summer could lead to rolling blackouts
We are already starting to feel the effects of summer. Heat waves in Texas and California are already sending temperatures soaring. That could spell trouble for the nation's power supply. there are new concerns about outages in many areas of the country. Cheddar's Shannon Lanier explains the two main causes of blackouts, and what states are doing to keep the lights on and the air conditioning running.
U.S. Stocks Closed at Session Highs Tuesday
U.S. stocks close Tuesday at session highs after a subpar start to the trading day. Tim Chubb, Chief Investment Officer at the wealth advisory firm, Girard, joins Cheddar News' Closing Bell to discuss. 'We're starting to see the moderation of three core things -- we've seen the moderation of prices, we've seen the moderation of wage growth we've seen in the labor market, and we've also seen a moderation of job openings,' he says.
Load More