In another “real-world impact” story: Hospitals in multiple states are impacted by a ransomware attack against their parent company, Ardent Health. Ardent operates 37 healthcare facilities across the United States.
On and after Thanksgiving, multiple local news sources reported that hospitals in their area are dealing with attacks, forcing them to divert ambulances to other facilities among other actions.
The company initially did not respond to requests for comment. By Sunday, cybersecurity experts began to put the pieces together and surmise that the attacks were connected. (from The Record)
On Monday (November 27th), Ardent confirmed that it had begun responding to a cyber incident on Thanksgiving morning. Shout out to the incident responders working over the holiday to address this!
The Ardent technology team immediately began working to understand the event, safeguard data, and regain functionality. As a result, Ardent proactively took its network offline, suspending all user access to its information technology applications, including corporate servers, Epic software, internet and clinical programs.
More Impact
This one seems rather obvious. According to news reports, hospitals in Texas, Idaho, Oklahoma, New Mexico and New Jersey reported problems. While we aren’t yet sure how much (if any) patient data was exfiltrated (though it’s a safe bet that some was), the immediate impact here is a dangerous one. According to multiple news outlets, facilities were turning away ambulances. Typically, we aren’t in an ambulance for convenience.
Cybersecurity incidents such as this one impact real lives. It’s why everyone needs to care and be invested in securing themselves and their organizations.
