“Technical issues” at the Oklahoma City Indian Clinic have caused network disruptions that have left clinicians and providers unable to access certain computer systems, including the pharmacy department. The incident began one week ago, and the clinic is still experiencing disruptions.
OKCIC is part of the government-run Indian Health Service. The nonprofit has launched an internal review, while actively working with the IT staff and third-part specialists to determine a resolution.
The ongoing IT issues have shut down the clinic’s automatic refill line and mail order services of the pharmacy department “for an indeterminate amount of time.” Patients are being urged to call the pharmacy for needed refills, but will need to have their prescription information to do so, including the chart number, drug name, drug strength, directions and provider.
The social media posting explains that pharmacists are able to provide three-week “loaners” and patients who receive mail-based medications must come into the pharmacy with the physical prescription bottle, if they’re able.
“There is no way for OKCIC to mail medications while the system is down,” the clinic explained. “We apologize for any inconvenience this may cause and we appreciate your patience.”
The website and social media postings do not provide further details on the cause of the IT disruptions. But according to a DataBreaches.net report, the Suncrypt ransomware group may be behind the outage. The threat actor’s leak site claims to have stolen more than 350GB of data from the clinic, including those stored on the electronic health record system.
Suncrypt is threatening to release a full leak of the information if a resolution isn’t reached with the clinic.
OKCIC is the third U.S. healthcare provider to report network outages brought on by cyber incidents this year.
Taylor Regional Hospital in Kentucky was first hit with an attack in January and while most systems have been brought online, disruptions to phone lines at its oncology departments are ongoing more than two months later. Patients were warned last week that the hack resulted in the theft of patient information, including Social Security numbers and clinical information.
East Tennessee Children’s Hospital was hit with a cyberattack earlier this month and is continuing to recover. The latest update last week shows most systems have been brought back online.