A major cyberattack has disrupted healthcare services across multiple states in the U.S., affecting hospitals owned or partly owned by Ardent Health Services. Capital Health, which operates two hospitals in New Jersey, experienced a network outage due to the cyberattack. This incident is one of several attacks that affected hospitals, including a 263-bed facility in Albuquerque, New Mexico, and a 365-bed hospital in Montclair, New Jersey. Hospitals in East Texas were also impacted. The affected hospitals serve thousands of patients annually and attacks of this nature hinder their ability to admit patients and provide continuous care.
The attack consisted of locked computer systems and demanded a ransom, causing substantial operational disruptions. Ransomware attacks have been increasingly targeting healthcare providers, since the pandemic. Ardent Health Services confirmed that the attack led to some emergency room patients being diverted to other hospitals and the rescheduling of non-emergency surgeries. Staff at one of the New Jersey hospitals affected by the attack had to resort to paper records as the digital systems were compromised. This shift slowed down operations and affected efficiency, including tracking patient lab work.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) had previously contacted Ardent Health Services to warn about potential malicious cyber activity. Despite Ardent Health detecting unusual activity in their system on November 20, the full extent of the attack was not realized until Thanksgiving Day. This incident shows the requirement for healthcare facilities to have rapid detection and response mechanisms in place to mitigate the impact of cyber threats.
In response to the cyberattack, Capital Health immediately notified authorities and engaged its information technology team to safeguard data, assess the incident, and regain system functionality. Although both hospitals under Capital Health continued to admit and treat patients requiring inpatient care, outpatient radiology services were suspended, and some tests were rescheduled. The impact of the cyberattack extended beyond immediate patient care, indicating the lasting effects these attacks can have on hospital operations. This isolated incident is indicative of the increasing frequency and severity of healthcare cyberattacks.