Ransomware Attack Postpones Life-Saving Surgeries
Tulsa, Oklahoma — Annie Wolf's open-heart surgery was just two days away when the Hillcrest Medical Center in Tulsa, Oklahoma, called, informing her that her procedure had been postponed after a major ransomware attack.
"I've got a hole in my mitral valve, and basically walking around, I can't breathe," Wolf told CBS News. "And I get very fatigued, very tired, very quickly. If I go to the store, I've got to ride the scooter."
Wolf is just one of the patients impacted after Ardent Health Services says it became aware of the cyber breach on Thanksgiving day affecting 30 hospitals and more than 200 health care sites across six states.
J.D. Bloomer has had an annual cancer check since he was diagnosed in 2008. However, the cyberattack turned his routine visit at the University of Kansas Healthcare System St. Francis campus in Topeka into a scheduling headache.
"They informed me that my procedure for tomorrow had been canceled," Bloomer told CBS News. "...I said, 'OK, when will be rescheduling?' And she said, 'When the network returns.'"
In a press release, Ardent Healthcare announced that it has taken immediate action to protect patient data after experiencing a cyberattack. As a precautionary measure, the company has temporarily shut down its computer network, resulting in the diversion of ambulances from two of its New Jersey facilities to nearby medical centers.
Ardent Healthcare has also made the decision to reschedule non-emergent, elective procedures and redirect some emergency room patients to other hospitals in the area. The company has not provided a timeline for when the situation will be resolved.
According to the Institute for Security and Technology, a total of 299 hospitals have been targeted by ransomware attacks in 2023.
Kiersten Todt, former chief of staff at the Cybersecurity and Infrastructure Security Agency, expressed concerns about the potential loss of life due to the impact of a cyberattack on the 911 infrastructure of a hospital system. Dr. Christian Demef, co-director of the UC San Diego Center for Healthcare Security and an emergency room physician, shared his firsthand experience of a ransomware attack in his community that led to a significant increase in ambulance traffic. He emphasized the importance of timely medical care for life-threatening conditions and the challenges faced when systems are compromised.
"Malicious actors want to make money off of it," Todt said.
"It absolutely is" motivated by profit, according to Todt. "It's an economic model. The tragedy is that it's an economic model that...happens to capitalize on an infrastructure that is responsible for human lives."