CNN
—
A major U.S. health system said Thursday it was diverting ambulances from “several” hospitals following this week's cyberattack.
A cyberattack on Ascension, a St. Louis-based nonprofit network that includes 140 hospitals in 19 states, compromised electronic medical records, some phone systems and “used to order certain tests, procedures, and medications. Ascension said access to “various systems used by the public” was also blocked. said in a statement distributed Thursday night.
The vast healthcare network, which also owns 40 senior living facilities, said it would use “downtime procedures for some time” due to the cyberattack. Downtime procedures typically involve a healthcare provider backing up her processes, including paper records, to enable patient care when a computer goes down.
News of the hack broke Wednesday, and Ascension has followed a strategy familiar to many U.S. organizations that have come under attack by cybercriminals over the past 24 hours. Ascension notified federal authorities of the incident and hired Mandiant, a prominent US cybersecurity firm, to recover from the incident and shut down its systems in an effort to contain the incident.
Ascension said in a statement Thursday night that it is “actively supporting ministries that continue to provide safe patient care with established downtime protocols and procedures, and our personnel are fully trained.”
It's unclear how many Ascension hospitals are sending ambulances to other locations because of the cyberattack. A spokesperson for Ascension did not immediately respond to a request for comment on this story.
It is just the latest major hacking incident to cripple major U.S. health care networks and leave U.S. officials scrambling to provide assistance.
A February ransomware attack on Change Healthcare, a subsidiary of healthcare giant UnitedHealth Group, caused billing chaos at pharmacies across the country and threatened to put some providers out of business. UnitedHealth CEO Andrew Whitty estimated in Congressional testimony this month that a third of Americans may have had their personal data wiped out in a hack. Whitty said UnitedHealth paid a $22 million ransom to cybercriminals to protect patient data.
The Change Healthcare hack infuriated U.S. lawmakers and raised questions across the federal government about the vulnerability of the U.S. healthcare system to devastating cyberattacks with cascading effects. This question will not be answered by a cyber attack on Ascension.