UPDATE: Jan. 16, 2024: Ardent Health Services has completely restored its MyChart patient portal, about six weeks after the hospital operator was first targeted by a ransomware attack.
Patients were able to view financial statements and conduct video telehealth appointments via the portal as of Jan. 9. The system had previously recovered the features for appointment scheduling, messaging, requesting prescription refills and viewing test results.
UPDATE: Dec. 21, 2023: Ardent Health Services’ facilities have resumed non-emergent surgeries that were put on pause after a ransomware attack forced the hospital operator to take its networks offline late last month. Systems are being restored “on a regular basis,” Ardent said in a Dec. 19 update. The operator is still working to return all of its systems, including the MyChart patient portal.
UPDATE: Dec. 7, 2023: Ardent Health Services restored access to its Epic electronic health record and other clinical and business systems on Wednesday, nearly two weeks after a cyberattack forced the hospital operator to take its network offline.
Emergency rooms are accepting patients by ambulance and clinics have resumed operating, Ardent said in a Dec. 6 update. However, some non-emergent procedures are still delayed until more systems can be restored.
- Ardent Health Services is diverting emergency care to nearby facilities in multiple states after a cyberattack forced the hospital operator to take its systems offline over the Thanksgiving holiday.
- Ardent, which runs roughly 30 hospitals and 200 other care sites in six states, learned of the ransomware attack on Nov. 23, and moved to suspend access to its IT systems, including its corporate servers and Epic electronic health record, according to a Monday incident report.
- The Nashville-based company doesn’t have a firm timeline for returning to normal operations, and can’t yet confirm what patient data may have been exposed.
Healthcare data breaches have been on the rise for the past decade, exposing hundreds of millions of patient records since 2010, according to federal records. As providers and other healthcare companies adopt more digital tools, criminals also have more opportunities to exploit the sector.
Ardent operates facilities in Oklahoma, Texas, New Jersey, New Mexico, Idaho and Kansas. Facilities in at least four of those states have been compromised by the cyberattack, including UT Health in Texas, Lovelace Health in New Mexico, Hillcrest HealthCare in Oklahoma and a hospital in Montclair, New Jersey
“In an abundance of caution, our facilities are rescheduling some non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online,” Ardent said in its release.
Ransomware, where cybercriminals demand payment in exchange for restored access to sensitive information, poses a critical threat to care delivery and public health.
The attacks can disrupt hospital operations, reducing access to care and potentially putting lives at risk. About one in four providers reported a rise in mortality rates following a ransomware attack, according to a Ponemon Institute survey in 2021.
A ransomware attack on Prospect Medical Holdings, which operates 16 hospitals in several states, forced one of its facilities in Connecticut to divert patients for more than two weeks earlier this year, according to reporting by the Connecticut Mirror. More than 342,000 patients’ health information was exposed in the attack, according to a federal disclosure.
Ransomware threats to U.S. healthcare organizations are also expensive. The attacks cost the economy around $77.5 billion in downtime since 2016, according to an analysis by cybersecurity research firm Comparitech.
Facility downtime varied by incident, but healthcare organizations lost on average 14 days following a ransomware attack, Comparitech found.