Incident Response, Ransomware

Indiana hospital suspends IT systems in response to ongoing cyberattack

“Emergency Room Entrance – ER – Hospital” by weiss_paarz_photos is licensed under CC BY-SA 2.0

Late Wednesday night, Schneck Medical Center in Indiana was hit with a cyberattack that impacted operations, leading the security team to suspend access to all IT applications across the hospital network, according to a posting on the hospital’s website.

The latest posting shows the attack is causing intermittent issues with the phone systems. Meanwhile, patients are reporting access issues on the hospital’s social media page. The provider's website remains online.

Schneck Medical is currently working with its third-party security firm to restore operations as quickly as possible, in addition to enhancing its IT security protocols. An investigation is underway, and law enforcement has been notified.

“These types of situations take time to fully resolve… and [the hospital] is taking appropriate actions to safely and quickly resolve any disruption to our systems,” officials said in a statement.

Most patient services have been unaffected by the outage, officials explained. But there are direct mentions for urology, pulmonology, endocrinology, and neurology patients to call with questions. Patients are being told to confirm appointments and treatment plans with their provider.

For now, officials stressed that patient care is continuing as normal. The notice does not detail whether the electronic health record or other patient care systems have been affected by the incident, nor whether the attack was tied to ransomware.

The cyberattack struck amid a spike in COVID-19 cases surrounding the Seymour, Indiana, area. Beginning on Sept. 6, Schneck Medical Center temporarily suspended some inpatient non-emergent surgeries throughout the hospital that were deemed safe to postpone.

The postponements were a direct response to the surge in COVID-19 cases and subsequent hospitalizations in the surrounding community. The Indiana State Department's dashboard shows there are 2,248 patients currently hospitalized with COVID-19 in the state, with 26% of ICU beds being used to treat those infected with the virus.

Officials explained the delays will enable the care team to “conserve intensive medicine resources, such as hospital beds and supplies.” The goal is to allow caregivers to be reassigned to treat COVID-19 and non-COVID-19 hospitalized patients.

“This is part of Schneck’s surge plan that was developed months ago at the beginning of the pandemic,” said Eric Fish, MD, president and CEO of Schneck, in a statement. “We will reassess the situation daily to determine if we need to extend or expand postponements. This decision was made in the interest of community safety.” 

“It is a necessary and appropriate step given the sharp spike in hospitalizations for patients with COVID-19,” he added.

The situation is one industry stakeholders have raised concerns in recent months, as ransomware attacks continue to result in network outages that directly impact patient safety. Recent data reaffirmed that ransomware has a direct impact on patient mortality, driven, in part, by the ongoing pandemic.

About a quarter of the 597 providers surveyed by the Ponemon Institute saw a spike in mortality rates in their health care organization directly following an attack, while the majority faced increases in the length of stay and other delays in procedures and tests that led to poor patient outcomes.

Another 36% said the response to cyberattacks led to complications from medical procedures. As previously noted by Ed Gaudet, CEO and founder of Censinet, “The combination of data breaches, ransomware attacks, and COVID-19 has created the perfect cybersecurity storm and the worst two years on record for IT and security leaders in health care.”

Jessica Davis

The voice of healthcare cybersecurity and policy for SC Media, CyberRisk Alliance, driving industry-specific coverage of what matters most to healthcare and continuing to build relationships with industry stakeholders.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.